ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

LoongFlow — PEES Iterative Agent

v1.0.1

LoongFlow brings evolutionary multi-agent optimization to your coding agent harness. Drop it into Codex, Claude Code, Cursor or any OpenClaw agent — then wat...

2· 68·0 current·0 all-time
byFreshman@freshmand

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for freshmand/loongflow.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "LoongFlow — PEES Iterative Agent" (freshmand/loongflow) from ClawHub.
Skill page: https://clawhub.ai/freshmand/loongflow
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install loongflow

ClawHub CLI

Package manager switcher

npx clawhub@latest install loongflow
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The skill name/description (PEES iterative agent) aligns with the runtime behavior (iterative native subagent and an engine that clones and runs LoongFlow). However the registry metadata declares no required env vars or install steps, while the Engine mode explicitly requires ANTHROPIC_API_KEY and ANTHROPIC_BASE_URL and performs network installs (git clone, pip install, potentially download Python). That mismatch between declared requirements and the instructions is a coherence problem.
!
Instruction Scope
SKILL.md instructs the agent to read /root/.openclaw/openclaw.json to discover workspaces, write per-workspace .loongflow/tasks.json, spawn subagents (sessions_spawn), run background engine processes, copy user files into task dirs, and use infoflow_send to notify users. It also requires creating a scheduled cron job that scans all agent workspaces every 10m. These actions go beyond simple in-session work: they enumerate agent configuration, persist state across workspaces, and create recurring jobs that can read and send data across agents.
!
Install Mechanism
There is no formal install spec in the registry (instruction-only), but the engine-mode instructions include network operations: git clone https://github.com/baidu-baige/LoongFlow, git pull, and pip install -e .; they may also download Python (via 'uv'). Those are high-impact operations (pulling and installing third-party code, creating venvs, running background processes) and the skill provides no checksums, pinned versions, or safety prompts in the registry metadata.
!
Credentials
Registry metadata claims no required env vars, yet SKILL.md reads/relies on ANTHROPIC_API_KEY and ANTHROPIC_BASE_URL for Engine mode, and also reads OPENCLAW_AGENT_ID and BAIDU_CC_USERNAME (or falls back to whoami). It writes agent-local files under each workspace and reads openclaw.json. Asking for Anthropic credentials is plausible for an engine using anthropic/ models, but the required env vars should be declared up front. The skill's ability to read openclaw.json and enumerate workspaces is broad and may expose metadata about other agents.
!
Persistence & Privilege
Although 'always' is false, the skill instructs creating persistent artifacts: .loongflow directories, venvs, background engine processes (PID files), and a cron job that runs every 10 minutes and scans all workspaces. That gives the skill recurring execution and cross-workspace read/write capability and the ability to send messages (infoflow_send). This persistent capability increases the risk surface and should be consented to explicitly.
What to consider before installing
What to check before installing or running this skill: - Missing declarations: The registry lists no required env vars or install steps, but the SKILL.md requires ANTHROPIC_API_KEY and ANTHROPIC_BASE_URL (engine mode) and instructs cloning/installing code. Ask the publisher to declare required env vars and install behavior explicitly. - Repository & install risk: The engine mode clones and pip-installs code from https://github.com/baidu-baige/LoongFlow and may download Python. Only proceed if you trust that repo; consider reviewing the repo contents or running the engine in an isolated environment (ephemeral container) first. - Broad file access: The skill reads /root/.openclaw/openclaw.json to enumerate agent workspaces and writes .loongflow/tasks.json in workspaces. If you have multiple agents or sensitive workspace data, this gives the skill cross-workspace visibility — confirm that's acceptable. - Persistent cron & background processes: The skill creates a cron (openclaw cron add) that runs every 10 minutes and background engine processes (PID files). Those persist beyond the immediate session and can act autonomously; review the cron job and created files, and be ready to remove them if undesired. - Credentials scope: If you supply ANTHROPIC_API_KEY, prefer a scoped key or a restricted account; never provide unrelated secrets. Confirm the skill only uses the Anthropic creds for LLM calls. - Safer alternatives: Use Native PEES mode for smaller tasks first (it is lower-impact: subagent, limited iterations, writes only to a per-task .loongflow directory). Test the behavior there before enabling Engine mode. - Operational checks: After first run, inspect created files (.loongflow/, tasks.json, crons), background PIDs, and network activity. If you are unsure, run the engine only in an isolated sandbox and review the LoongFlow repo code referenced in the instructions. If you want, I can produce a short checklist or commands to safely audit the repo and the files this skill will create, or a minimal safe wrapper to run the engine in an isolated container.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bjgyt20jkjy3zh5qwv822dn84vn0c
68downloads
2stars
2versions
Updated 2w ago
v1.0.1
MIT-0
Freshman@freshmand
latest
Download

LoongFlow — PEES 迭代问题求解

当用户希望通过多轮迭代来优化方案时使用此 Skill——代码优化、算法进化、结构化重试与学习,或任何"一次生成质量不够、需要反复打磨"的任务。

第一步:分析任务,推荐模式

收到任务后,先分析复杂度,向用户介绍两种模式并给出推荐:

Native PEES(推荐中小型任务):

  • 适合:单文件修复、小功能、bug fix、聚焦的质量提升
  • 工作方式:异步 subagent——任务丢给独立 subagent 跑 PEES 迭代,主 session 立刻释放,不阻塞对话
  • 优点:无需额外配置,透明工作区,完成时直接通知用户
  • 限制:最多 5 轮迭代,单线程,无种群进化
  • 进度:每轮迭代完成后写入 .loongflow/tasks.json,统一监控

LoongFlow Engine(推荐复杂优化任务):

  • 适合:优化问题、多文件项目、需要 50+ 轮迭代、种群进化
  • 工作方式:下载 LoongFlow 框架,后台运行进化引擎,cron 定时汇报进度
  • 优点:多岛模型、Boltzmann 选择、MAP-Elites 多样性、断点续跑、成本追踪
  • 限制:需要 ANTHROPIC_API_KEY + ANTHROPIC_BASE_URL,有安装步骤
  • 源码:https://github.com/baidu-baige/LoongFlow

先询问用户选择哪种模式,再执行。

第二步:按模式执行

用户确认模式后,读取对应的参考文件并严格按其指令操作:

  • Native PEES → 读取并遵循 references/native-pees.md
  • LoongFlow Engine → 读取并遵循 references/engine-mode.md

任务监控(两种模式通用)

所有 LoongFlow 任务(无论 native 还是 engine)都通过统一的任务注册表管理:

  • 注册表<agentWorkspace>/.loongflow/tasks.json
  • 监控 cron:所有任务共用一个 openclaw cron,每 10 分钟触发一次。每次向用户推送有实质内容的进度摘要:分数趋势(0.XX → 0.XX → 0.XX)、本轮策略(从 plan.md/log 提取)、关键发现(从 summary.md/log 提取)。
  • 任务完成:subagent / engine 直接 infoflow_send 最终结果,并将任务标记为 done

cron 创建命令详见 references/monitoring.md(两种模式共用,不要在各模式文件里单独维护,也不要内联 cron 命令)。

架构参考:任务复杂度分级

LoongFlow 将 Agent 任务分为三个层级:

层级说明适合场景
Simple(简单)ReAct 循环 + 持久化记忆聊天机器人、工具调用、格式转换
Standard(标准)ReAct + 自我评估 + 迭代改进代码审查、文档生成、数据分析
Advanced(高级)PEES 进化循环 + loongflow-memory数学优化、算法设计、NP-hard 问题

复杂度判断流程

任务分析
├── 只需对话 + 简单工具?→ SIMPLE
├── 需要文件操作或代码生成?
│   ├── 有数值评估指标?→ ADVANCED
│   └── 无数值指标?→ STANDARD
└── 需要迭代优化?
    ├── 有明确打分函数?→ ADVANCED
    └── 定性改进?→ STANDARD

Comments

Loading comments...