ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Knowledgebase Share

v0.3.2

Operate a multi-agent shared knowledge layer backed by one GitHub repository. Use when setting up shared/private knowledge folders, enforcing branch+PR workf...

0· 399·1 current·1 all-time
byReed@reed1898
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description match the included scripts and SKILL.md: all actions are Git-based repository operations (clone, branch, pull/rebase, push) against a configured repo_url. There are no requested credentials or network endpoints outside the canonical Git remote model, so the requested capabilities align with the stated purpose.
Instruction Scope
SKILL.md and the scripts stick to knowledge-layer git workflows. However, the scripts perform push/pull/rebase operations which will transmit repository contents to/from whatever remote is configured and will use the agent/host's Git credentials (SSH keys or HTTPS tokens). The skill warns not to hardcode secrets, but does not enforce it — accidental inclusion of secrets in notes could be pushed to the remote.
Install Mechanism
There is no install spec or external downloads (instruction-only + bundled scripts), which is low risk. Note: the scripts assume command-line tools (git and optionally jq) but the skill metadata did not declare required binaries; those tools must exist on the host for correct operation.
Credentials
The skill does not request environment variables or credentials directly (good). It implicitly relies on the host's git configuration and credentials (SSH keys or cached HTTPS credentials). This is proportionate to the task but means the operator must ensure the configured repo_url is trusted — misconfiguring it could send data to an attacker-controlled remote.
Persistence & Privilege
always is false; the skill does not request permanent platform-wide privileges and it only writes to the configured local_path. It does not alter other skills or system agent config. Files and directories are created under the user-specified local_path, which is expected behavior.
Assessment
Before installing/running: (1) Review and set references/kb-config.json so repo_url points to a trusted repository and local_path is correct. (2) Understand that the scripts will run git pull/rebase and git push using your host's git credentials — do not point repo_url to an untrusted remote. (3) Ensure required tools (git, and jq if you want JSON config parsing) are installed; note that '~' in the JSON will not be shell-expanded by the scripts (edit to an absolute path). (4) Use --no-push or mode=status to dry-run and inspect changes before pushing. (5) Avoid storing secrets in repo content; consider using a deploy key or least-privileged token for CI/automation. If you want stronger assurances, ask the skill author to declare required binaries and to add explicit validation of config values and path expansion.

Like a lobster shell, security has layers — review code before you run it.

latestvk977gdjmw9me3a0q7w1q078qvd8241wn
399downloads
0stars
4versions
Updated 18h ago
v0.3.2
MIT-0
Reed@reed1898
latest
Download

Knowledgebase Share

Use this skill as the single operating system for multi-agent knowledge storage.

Privacy rule (critical)

This is a reusable/public skill. Never hardcode user-specific repo URLs, paths, or secrets in SKILL.md. Always read config from references/kb-config.json (or user-provided override) before executing.

Required config

Read references/kb-config.json first.

Fields:

  • repo_url: canonical GitHub repo URL for knowledge storage
  • local_path: local clone path
  • branch: default branch (usually main)
  • private_root: private notes root folder (default private)
  • shared_root: shared notes root folder (default shared)

Repository model

<knowledge-repo>/
  private/<agent>/
  shared/
    00_rules/
    10_projects/
    20_research/
    30_decisions/
    40_playbooks/
    90_archive/
  meta/
  templates/

Branch model

  • main: stable shared knowledge
  • agent/<name>: per-agent working branch
  • Shared knowledge enters main only via PR

Operating rules

  1. Pull/rebase before writing: git pull --rebase origin <branch>
  2. Keep private drafts in private/<agent>/
  3. Promote reusable content to shared/ via PR
  4. Never force-push main
  5. No secrets/tokens in repository content
  6. Resolve conflicts by preserving both versions first, then refactor

Standard flows

A) Agent daily write (private)

  1. checkout agent/<name>
  2. write to <private_root>/<name>/...
  3. commit + push branch

B) Promote to shared knowledge

  1. copy/refine note into <shared_root>/...
  2. commit on agent/<name>
  3. open PR to main
  4. merge after review

C) Consume latest shared knowledge

  1. checkout local branch
  2. git fetch origin
  3. rebase from latest main

Minimal commands (template)

# first-time clone
git clone <repo_url> <local_path>

# create agent branch
cd <local_path>
git checkout -b agent/<name>

# sync branch
git pull --rebase origin agent/<name>

# push updates
git push origin agent/<name>

Boundary

  • This skill governs knowledge layer operations only.
  • Constitution / hard governance rules are maintained in the independent constitution system.

Comments

Loading comments...