Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Skill Kit
v0.1.2
Claude Code skill management. writer - create new skills [writer.md], lint - validate and fix frontmatter [lint.md], merge - combine related skills [merge.md...
by es6kr@drumrobot
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The name/description (skill creation, linting, merging, trigger compilation) match the behavior in SKILL.md and the included scripts: scanning ~/.claude/skills, creating SKILL.md, moving skill/agent files, and compiling triggers. Requests and actions are broadly proportional to a skill-management toolkit.
Instruction Scope
Runtime instructions and the included script read and write many user-global paths (~/.claude/skills, ~/.claude/plugins, ~/.claude/agents, ~/.claude/settings.json, ~/.claude/hooks, ~/.claude/data) and perform moves (mv), backups, and edits to SKILL.md and settings.json. The workflow includes automatic 'depends-on' edits, backups, and moving agent files — these are expected for a manager tool but are high-impact operations and some steps are described as 'required' (auto-modify frontmatter) while other places mandate user confirmation, creating ambiguity about what will run without explicit approval.
Install Mechanism
No installer — instruction-only with one included shell script (scripts/trigger-compile.sh). There is no remote download, which lowers supply-chain risk; however the shipped shell script writes auto-generated hook scripts to ~/.claude/hooks and overwrites settings.json entries via jq, so running the script performs filesystem and config mutations.
Credentials
The skill requests no environment variables or external credentials (good). It nonetheless requires broad filesystem access to user-specific Claude runtime directories — appropriate for a skill manager but sensitive because it touches user agents, plugin areas, and global settings.
Persistence & Privilege
The trigger compilation flow writes persistent hook scripts (~/.claude/hooks/trigger-*.sh), sets flag files (~/.claude/data/trigger-stop-*) and updates ~/.claude/settings.json to register hooks that can run on PreToolUse/PostToolUse/Stop. Registered hooks can 'suggest', 'block' (exit 1) or 'inject' systemMessage JSON, giving lasting control over agent execution flow. While this is aligned with the 'trigger' feature, it is a powerful privilege and could be abused if a skill registers malicious triggers or auto-modifies other skills without clear user consent.
What to consider before installing
This skill is designed to manage other skills and therefore reads and modifies many Claude runtime files (~/.claude/skills, ~/.claude/agents, ~/.claude/settings.json, ~/.claude/hooks, ~/.claude/data). Before running it:
1) Inspect scripts/trigger-compile.sh and any triggers declared in this SKILL.md to see exactly what hook scripts would be generated.
2) Run trigger compile with the provided dry-run flag first to preview changes.
3) Backup ~/.claude/settings.json and any skill directories you care about (cp or git) so you can restore if hooks or SKILL.md are changed.
4) Expect operations that move files to ~/.claude/.bak and that may edit SKILL.md frontmatter (the upgrade/dedup flows describe auto-editing in places).
5) Treat this skill as high-privilege: do not run compile/upgrade actions without confirming each proposed change, and avoid enabling it for automatic/always-on execution unless you trust the source and have reviewed its scripts.
Like a lobster shell, security has layers — review code before you run it.
