Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Openclaw Readonly Consumer

v1.0.0

Keep an OpenClaw-style local runtime on the snapshot-first, thin-BFF-first, read-only Campus Copilot path.

by Yifeng[Terry] Yu @xiaojiou176
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name, description, and the SKILL.md all describe a read-only, snapshot-first local consumer; the requested actions (starting local MCP/read-only servers, consuming local snapshots) are coherent with that purpose. However, the SKILL.md expects pnpm-based commands and local example files even though the registry metadata declares no required binaries or config paths.
Instruction Scope
Instructions are narrowly scoped to running local pnpm server commands, exporting a snapshot path, and consuming local JSON snapshots. They do not instruct network exfiltration or access to unrelated system areas. Still, they direct the agent to run local commands and read local snapshot files (which could contain sensitive data).
Install Mechanism
Instruction-only skill with no install spec or code files — lowest install risk. Nothing will be written or downloaded by the skill itself.
Credentials
Metadata lists no required environment variables, but the SKILL.md explicitly recommends exporting CAMPUS_COPILOT_SNAPSHOT and implies reliance on local example files and optional mcpServers JSON. This mismatch (undocumented env var / implicit dependency on pnpm) reduces transparency and could cause unintended local file reads.
Persistence & Privilege
always:false and no install/persistence instructions. The skill does not request permanent presence or elevated privileges beyond running local commands when invoked.
What to consider before installing
This instruction-only skill appears to do what it says (start local read-only MCP/consumer processes and read a local snapshot), but the SKILL.md expects pnpm and an environment variable (CAMPUS_COPILOT_SNAPSHOT) that are not declared in the registry metadata. Before installing or invoking: (1) ensure pnpm is installed and you understand/approve any pnpm scripts the skill will run; (2) confirm the example snapshot file(s) referenced exist and do not contain secrets or sensitive student data; (3) run the skill in a sandbox or non-production environment first to observe what local commands it executes; and (4) ask the publisher for an explicit list of required binaries and env vars (and sample commands) to resolve the metadata mismatch. If you need higher assurance, request a version that declares required binaries and env vars in its metadata or provides explicit command listings rather than implicit example references.

Like a lobster shell, security has layers — review code before you run it.

Tags: campus-copilot, latest, read-only
67 downloads
0 stars
1 version
Updated 1w ago
v1.0.0
MIT-0

OpenClaw-Style Read-Only Consumer

Use this skill when your local operator/runtime behaves like an OpenClaw-style shell and you want Campus Copilot to stay on the snapshot-first / thin-BFF-first / read-only side.

Think of Campus Copilot as the labeled binder on the desk:

  • Campus Copilot provides structured academic context
  • your local runtime decides how to consume that context
  • Campus Copilot does not become a browser-control plugin or write-capable operator loop

Start with the narrowest path

  1. If you need cross-site health, provider readiness, read-only ask, or export tools, start with:
    • pnpm --filter @campus-copilot/mcp-server start
  2. If you only need one site's snapshot records, use:
    • pnpm --filter @campus-copilot/mcp-readonly start:<site>
  3. If you only need local provider status or cited-AI chat on the Campus semantic contract, use:
    • pnpm start:api

Inputs

  • one local snapshot such as examples/workspace-snapshot.sample.json
  • one local runtime that can launch stdio commands
  • optional support for the same mcpServers JSON shape used by Codex/Claude-style MCP setups

Recommended flow

  1. Export a safe snapshot path:
    • export CAMPUS_COPILOT_SNAPSHOT="$PWD/examples/workspace-snapshot.sample.json"
  2. Start with the generic MCP server unless you already know you only need one site.
  3. If your runtime explicitly accepts the same mcpServers JSON shape, adapt:
    • examples/integrations/codex-mcp.example.json
    • examples/integrations/claude-code-mcp.example.json
  4. If it does not accept that exact shape, stay with the direct command snippets from:
    • examples/openclaw-readonly.md
  5. Keep all claims snapshot-scoped and read-only.
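
An added pre-flight check for the flow above (not part of the skill or the Campus Copilot repo): it confirms pnpm is on PATH, that CAMPUS_COPILOT_SNAPSHOT is a regular, non-symlink file inside ./examples, and that the snapshot has no credential-like JSON keys. The function names, the ./examples boundary and the key-name pattern are assumptions chosen for illustration.

```bash
#!/usr/bin/env bash
# Added example: pre-flight checks to run before the pnpm commands in this skill.
# Function names, the allowed directory and the key-name pattern are assumptions.

# check_snapshot_path PATH ALLOWED_DIR
# Succeeds only for a regular, non-symlink file that resolves inside ALLOWED_DIR.
check_snapshot_path() {
  local path="$1" allowed="$2" real_path real_allowed
  [ -n "$path" ] || { echo "CAMPUS_COPILOT_SNAPSHOT is not set" >&2; return 1; }
  [ -f "$path" ] && [ ! -L "$path" ] || { echo "not a regular file: $path" >&2; return 1; }
  real_allowed="$(cd "$allowed" 2>/dev/null && pwd -P)" || return 1
  real_path="$(cd "$(dirname "$path")" && pwd -P)/$(basename "$path")"
  case "$real_path" in
    "$real_allowed"/*) return 0 ;;
    *) echo "snapshot is outside $real_allowed: $real_path" >&2; return 1 ;;
  esac
}

# count_sensitive_keys FILE
# Prints the number of lines holding a JSON key whose name looks credential-like.
count_sensitive_keys() {
  grep -Eic '"[^"]*(password|passwd|secret|token|cookie|authorization|api[_-]?key|session)[^"]*"[[:space:]]*:' "$1" || true
}

# preflight: the checks combined, using the variable name the skill recommends.
preflight() {
  local hits
  command -v pnpm >/dev/null 2>&1 || { echo "pnpm not found on PATH" >&2; return 1; }
  check_snapshot_path "${CAMPUS_COPILOT_SNAPSHOT:-}" "$PWD/examples" || return 1
  hits="$(count_sensitive_keys "$CAMPUS_COPILOT_SNAPSHOT")"
  [ "$hits" -eq 0 ] || { echo "$hits line(s) with credential-like keys; review first" >&2; return 1; }
  echo "preflight ok: $CAMPUS_COPILOT_SNAPSHOT"
}

# Run the checks only when asked, e.g. PREFLIGHT_RUN=1 bash preflight.sh
if [ "${PREFLIGHT_RUN:-}" = 1 ]; then preflight; fi
```

The key-name scan is a line-based heuristic: a clean result does not prove the snapshot is free of sensitive student data, so it complements a manual look at the file.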

Good fit

  • OpenClaw-style local consumers that need one truthful starting recipe
  • imported snapshot review without reopening live browser automation
  • read-only MCP or local BFF consumption over Campus-owned semantics

Not a fit

  • live browser takeover
  • posting, replying, or submitting on external sites
  • inventing an official plugin or marketplace contract
  • hosted autonomy positioning

Recommended repo-local references

  • examples/openclaw-readonly.md
  • examples/README.md
  • skills/read-only-workspace-analysis/SKILL.md
  • skills/site-mcp-consumer/SKILL.md
