ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Knowledge Gaps

v1.0.0

Track questions Hans failed to answer and flag missing knowledge

0· 199·1 current·1 all-time
by@atiati82

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for atiati82/knowledge-gaps.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Knowledge Gaps" (atiati82/knowledge-gaps) from ClawHub.
Skill page: https://clawhub.ai/atiati82/knowledge-gaps
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install knowledge-gaps

ClawHub CLI

Package manager switcher

npx clawhub@latest install knowledge-gaps
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill's stated purpose is to log unanswered questions. That could legitimately require a logger script or write access to a log file, but the skill declares no binaries, no files, and ships no code. The SKILL.md commands require python3 ./scripts/log-knowledge-gap.py, which is not provided nor declared — this is a capability mismatch.
!
Instruction Scope
The runtime instructions explicitly demand executing a local script (exec python3 ./scripts/log-knowledge-gap.py) and only then responding. This forces the agent to run arbitrary local code if present and to rely on the script's exact output. The skill does not include the script, does not specify where knowledge-gaps.md lives, and prohibits the agent from 'hallucinating' the action, leaving ambiguous behavior if the script is absent.
Install Mechanism
There is no install spec and no bundled code, which minimizes supply-chain risk. However, because the instructions call out to a local script, the absence of an install step means the skill expects the execution environment to already contain that script — a gap that raises operational risk but is not an install-spec issue.
!
Credentials
The skill requests no credentials or environment variables, which is proportionate. But it invokes python3 without declaring it as a required binary and directs creation/reading of knowledge-gaps.md (not declared as a config path). This mismatch could cause the agent to execute or read unexpected local files.
Persistence & Privilege
always is false and the skill is user-invocable, so it doesn't demand elevated persistent presence. It does, however, instruct writing to a local log file (knowledge-gaps.md) and executing a script — a modest persistence footprint that is coherent for logging, but the lack of explicit file paths and absent script means the behavior is underspecified.
What to consider before installing
This skill tells the agent to run a local Python script (./scripts/log-knowledge-gap.py) and only then tell the user the question was saved. But the skill package contains no script, doesn't declare python3 as a required binary, and doesn't specify where the log file lives. Before installing: (1) confirm the logger script exists in the agent environment and review its source — do NOT let the agent execute an unreviewed script; (2) if you expect the skill to provide the script, ask the author to include it and to declare python3 as a requirement, or change the instructions to use a safe, auditable logging API; (3) ensure the log file path is explicit and that writing to it is acceptable for your security policy. If you can't review or control the script, treat this skill as risky and avoid enabling it.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bqas7fvg5pjnwggrt4b5w2x83432e
199downloads
0stars
1versions
Updated 1h ago
v1.0.0
MIT-0
@atiati82
latest
Download

Knowledge Gap Detection Skill

When Hans cannot answer a question or says "I don't know" / "nicht in meiner Wissensdatenbank", he should:

Steps

  1. MUST ACTUALLY RUN THIS COMMAND — Log the failed question using the gap logger:
exec python3 ./scripts/log-knowledge-gap.py "The question the user asked" "What knowledge was missing"

  1. Check the output — The script will print ✅ Logged to knowledge-gaps.md with the entry. If it prints an error, report it.

  2. ONLY AFTER seeing the ✅ confirmation, respond: "Das weiß ich leider nicht. Ich habe die Frage in meinem Knowledge-Gap-Log gespeichert, damit ATTi sie nachträglich ergänzen kann."

⚠️ CRITICAL: Do NOT say "Ich habe die Frage gespeichert" unless you actually ran the exec command AND saw the ✅ output. Never hallucinate this action.

Weekly Summary

During the weekly-reflection cron job, Hans should also review knowledge-gaps.md and summarize the top gaps for ATTi.

Goal

Over time, this creates a feedback loop: gaps are logged → ATTi fills them → Hans improves.

Comments

Loading comments...