Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Prd Workflow

v4.2.5

Complete PRD workflow with integrated review, flowchart, and export. Deep interview → Requirement analysis → PRD generation → Review → Flowchart → Quality ch...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto · Requires wallet · Can make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The codebase and SKILL.md align with a one‑stop PRD workflow: interview, decomposition, PRD generation, review, flowchart and export. The skill does not request cloud credentials or unrelated secrets. Note: the skill writes/reads files under the user's OpenClaw workspace (~/.openclaw/workspace/output/{user}/{project}) and bundles multiple sub-skills (mermaid-flow, prd-export, htmlPrototype, requirement-reviewer), which is consistent with the described features but increases its local footprint.
Instruction Scope
SKILL.md instructs the agent to run an interactive 'stage 0' interview inside the current session and to persist results to interview.json in the workspace. That behaviour is expected for the feature but it means the agent will collect potentially sensitive user-provided data (answers to 16–50 questions) and store it locally. The instructions also explicitly require the interview to run in-session (not in a subagent), giving the agent broad discretion during the interactive Q&A. No instructions attempt to read unrelated system credentials, but the writing/reading of workspace files is central to operation.
Install Mechanism
The registry metadata declared 'no install spec / instruction-only', but the package includes many code files and a scripts/postinstall.js and a package-like manifest (clawhub.json / install.json) that can run a postinstall script to check/install dependencies (mermaid-cli, optional adm-zip/playwright/html2image). Automatic postinstall hooks and npm installs are moderate-risk behaviours — they are expected for features like diagram rendering but should be reviewed prior to installation. No downloads from obscure URLs were found in the provided manifest; dependencies appear to be standard packages.
Credentials
The skill declares no required environment variables or credentials (primaryEnv none), which is proportionate to its stated purpose. It does require Node.js and (optionally) Python and various CLI packages (mermaid-cli, html2image/playwright) to provide rendering and export features; these are declared in docs and postinstall. The skill will read/write files under the OpenClaw workspace; if you plan to store sensitive PII in interview.json, be aware of local storage and retention (versions directory).
Persistence & Privilege
The skill does not request always:true and does not ask to modify other skills or system-wide settings. It persists its own output files under its workspace output directory and manages version snapshots there — this is normal for a workflow tool. The presence of a postinstall hook grants it the ability to prompt/install node/python packages during installation; that is standard but worth reviewing.
What to consider before installing
This skill appears to implement the advertised PRD workflow and doesn't request cloud credentials, but review the following before installing or using with real data:

- Inspect scripts/postinstall.js (and any install hooks) before running the installer because it may auto-install npm/python packages (mermaid-cli, adm-zip, playwright, html2image).
- The runtime will ask many interactive questions and store answers in ~/.openclaw/workspace/output/{user}/{project}/interview.json (and versioned snapshots). Avoid entering sensitive personal or secret data in the interview answers, or run it in an isolated environment if necessary.
- Metadata claims 'instruction-only' but the bundle contains substantial code and postinstall behavior — prefer installing from a known source (GitHub repo) and verify the repository/author before trusting.
- If you only need a subset of features (e.g., review-only or export-only), consider running those parts in a test workspace first to confirm file placements, permissions, and external dependency installs.

If you want, I can: (1) show the postinstall.js contents and flag any risky commands, (2) list files that write to the output directory, or (3) suggest a safe install checklist and sandbox commands.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

- scripts/postinstall.js:73: Shell command execution detected (child_process).
- workflows/image_renderer.js:166: Shell command execution detected (child_process).
- workflows/modules/design_module.js:83: Shell command execution detected (child_process).
- workflows/modules/export_module.js:147: Shell command execution detected (child_process).
- workflows/modules/precheck_module.js:111: Shell command execution detected (child_process).
- workflows/modules/prototype_module.js:1008: Shell command execution detected (child_process).
- workflows/modules/quality_module.js:267: Shell command execution detected (child_process).
- workflows/modules/review_module.js:153: Shell command execution detected (child_process).
- workflows/utils.js:122: Shell command execution detected (child_process).


Tags: cleanup, export, flowchart, iteration, latest, prd, productivity, review, v2.6.0, version-control, workflow
