Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Skill Onboarder

v1.1.0

Auto-wires new skills into core system. On skill install detected, reads SKILL.md/AGENT.md/SOUL.md/hooks and injects into soul/memory/agent files.


Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for cyber-bye/skill-onboarder.

Install the skill "Skill Onboarder" (cyber-bye/skill-onboarder) from ClawHub.
Skill page: https://clawhub.ai/cyber-bye/skill-onboarder
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install cyber-bye/skill-onboarder

ClawHub CLI

npx clawhub@latest install skill-onboarder

Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)

Purpose & Capability
The name/description (auto-wire new skills) align with the instructions: reading SKILL.md/AGENT.md/SOUL.md/hooks and writing into soul/master.md, agent/skills-active.md, and workspace/_index.md. That functionality is coherent with an onboarder. However, the skill claims no required config paths or elevated privileges while its runtime instructions explicitly perform writes to core agent/soul/workspace paths (a mismatch worth noting).
! Instruction Scope
The SKILL.md and templates will cause the agent to: scan each new skill's files, derive triggers and rules, and inject entries that can mark other skills as 'Always Fires', add HARD enforcement rules (which can block responses until satisfied), and add keyword triggers to scan every input. Those operations change runtime behavior platform-wide and give the onboarder the ability to create persistent triggers and enforcement rules from arbitrary skill metadata; this is broad scope and high-impact.
Install Mechanism
No install spec and no code files beyond markdown/templates — the skill is instruction-only, so there is no arbitrary binary download or archive extraction. Installation risk from downloaded code is low.
! Credentials
The skill declares no required env vars or config paths, yet the instructions write to core files and create paths (soul/master.md, agent/skills-active.md, workspace/_index.md). The metadata omits the fact that the skill expects write access to these central files. That mismatch reduces transparency and is disproportionate to the lack of declared privileges.
! Persistence & Privilege
Flagged 'always: true', meaning it will be force-included in every agent run. Combined with its ability to inject 'always fires' markers and HARD rules into agent config, this creates a persistent, high-privilege configuration pathway that could be abused to escalate influence or ensure malicious rules persist across runs. (Autonomous invocation itself is normal, but always:true is a significant privilege.)
What to consider before installing
This skill does what it says (it auto-wires other skills), but it gains high-impact, persistent ability to change core agent/soul configuration. Before installing:

  1. Prefer not to enable always:true; require manual confirmation for onboarding actions.
  2. Restrict this skill to administrators and run it in a sandbox first.
  3. Audit its templates and the exact write paths it will modify; ensure the platform logs and file-change audit are enabled.
  4. Require that incoming skills be validated (only trusted sources) before the onboarder processes them, because a malicious skill could craft SKILL.md/AGENT.md/hooks to create persistent triggers, hard rules, or pre-response hooks that alter behavior or exfiltrate data.
  5. If you must use it, remove or disable 'Always Fires' / HARD-rule auto-enabling by default and require explicit user consent per injected rule.

Runtime requirements

🔧 Clawdis

latest vk971prvzh9mdxdpxct7sa1gkb585kve3
35 downloads
0 stars
2 versions
Updated 3h ago
v1.1.0
MIT-0

Skill Onboarder

Purpose

Auto-wire new skills. On trigger, reads skill files → wires to core system.

Trigger

Matches: "installed", "new skill", "onboard", "wire skill", "onboarding"

Future: Auto-fires on skill:post-install event (not yet implemented)

Files Written

File                     Adds
soul/master.md           Skill sections
agent/skills-active.md   Triggers + rules
workspace/_index.md      Registration

Process

  1. Detect trigger → extract skill name
  2. Read: SKILL.md, AGENT.md, SOUL.md, hooks/
  3. Extract: triggers, rules (hard/soft), sections
  4. Inject to core files
  5. Confirm

Idempotent

Safe to re-run. Checks before write. Updates version if changed.
