ClawHub

Partner Enable Kit

v1.0.0

为渠道或合作伙伴生成 enablement 包,按伙伴类型拆分版本与 FAQ。;use for partner, enablement, channel workflows;do not use for 公开内部敏感政策, 替代正式合作协议.

0· 105·0 current·0 all-time
byvx:17605205782@52yuanchangxing
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description, required binary (python3), included resources (spec.json, template.md, examples) and scripts (scripts/run.py) all align with a local 'enablement package' generator and lightweight audits. No unrelated credentials, binaries, or install actions are requested.
Instruction Scope
SKILL.md instructs the agent to run the included script when shell/exec is available and otherwise to produce text using local templates — this is consistent. The script, however, can accept a directory or file path and will read many file types (md, py, js, sh, csv, etc.) and can recursively rglob through a provided root. That means if the agent is given or chooses a broad path (e.g., workspace root or home) the skill will read potentially large amounts of local content. There are no instructions to send data to external endpoints, and the script includes masking logic for secret-like patterns, but you should limit input paths and prefer dry-run/audited outputs if you have sensitive files.
Install Mechanism
No install spec; instruction-only with a bundled Python script. Nothing is downloaded or written to non-standard locations by an installer. Low install risk.
Credentials
The skill requests no environment variables or credentials. The included script reads local files based on the input path but does not require or ask for tokens/keys. The script also contains regexes to detect secret-like strings and masks them in reported snippets.
Persistence & Privilege
always is false and the skill does not request permanent system presence or modify other skills or agent-wide configs. It writes output only when invoked with an --output path (or by agent execution) and supports a --dry-run mode.
Assessment
This skill appears to do what it says: produce partner enablement markdown and run local simple audits. Before installing or running it, review scripts/run.py locally and: (1) prefer --dry-run first and inspect output before allowing writes; (2) do NOT pass broad paths like your repo root or home directory — limit the --input to the specific file(s)/folder(s) you want processed to avoid unintentional reading of unrelated files; (3) avoid giving the agent autonomous permission to run the script across your workspace if that workspace contains secrets; (4) sanitize any sensitive input before submission. If you want extra assurance, run python3 scripts/run.py yourself in a sandbox and review the generated out.md rather than allowing the agent to execute it automatically.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fe5n5ttf9vcwnms8wqtbg75837jqp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎒 Clawdis
OSmacOS · Linux · Windows
Binspython3

Comments