Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Skill Composer
v0.1.0
L2 orchestration layer - intelligent skill orchestration engine. Automatically orchestrates multi-skill collaboration workflows, analyzes dependencies between skills, and optimizes the execution strategy (parallel vs. serial decisions).
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign · high confidence
Purpose & Capability
The name/description (an orchestration/meta-skill) aligns with the provided code: decomposeTask, matchSkills, orchestrate, optimize, and synthesizeResults implement task decomposition, skill matching, DAG building, parallel/serial planning, simple optimization and result synthesis. Declared dependencies and required env/configs are empty, which is appropriate for this local orchestration utility.
Instruction Scope
SKILL.md describes orchestration usage and examples that match the code. The SKILL.md frontmatter lists tools (Read, Write, Bash, Exec) and a model (sonnet) which suggest capability to run shell commands or external models, but the included src/index.js contains only pure Node.js logic with no exec/fs operations beyond local module exports. This is inconsistent (documentation lists broader runtime tools than the code uses) but not necessarily malicious. Also the documentation's project layout mentions separate module files (decompose.js, match.js, etc.) that are not present — the functionality is in a single index.js instead.
Install Mechanism
No install specification is provided (instruction-only + included source). There is no download-from-URL or extraction step; package.json/devDependencies are standard (jest). package-lock.json is large (normal for npm dev deps) but nothing in the manifest indicates an installer that fetches arbitrary code at install time.
Credentials
The skill requests no environment variables, no credentials, and no config paths. The code does not read process.env or access external secrets. This level of access is proportional to the stated purpose.
Persistence & Privilege
Flags show always:false and autonomous invocation allowed by default — normal for skills. The skill does not request permanent presence or modify other skills' configs and does not write additional files beyond what the package would normally include.
Assessment
This skill appears to do what it says: local orchestration logic with no credential requests or network/external installers. Before installing or running it:
1) Review src/index.js locally (already provided) and run the included tests (npm install && npm test) in a sandboxed environment.
2) Note the SKILL.md lists shell/exec capabilities though the code does not use them — ask the maintainer to clarify whether the skill will ever run external commands or call external models.
3) The implementation maps some task types to skill ids (including 'skill-composer' itself), which could lead to self-references/cycles in some inputs — test with representative workloads.
4) Because the source origin is unknown, avoid giving it access to sensitive systems or credentials until you confirm provenance and intended runtime behavior.
If you need higher assurance, ask the author for a signed release or run code analysis in an isolated environment.
Like a lobster shell, security has layers — review code before you run it.