Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Smart Agent Template

v1.1.0

Smart Agent workflow template: triple-judgment mechanism + auto-update + context optimization. Includes a complete task-execution specification, WBS breakdown, process-exemption thresholds, memory management and other best practices.

0 · 89 · 0 current · 0 all-time
by Mark@whhaijun

Install

Install with OpenClaw (prompt flow)

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for whhaijun/smart-agent-template.

Prompt (Install & Setup):
Install the skill "Smart Agent Template" (whhaijun/smart-agent-template) from ClawHub.
Skill page: https://clawhub.ai/whhaijun/smart-agent-template
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI (bare skill slug):

openclaw skills install smart-agent-template

ClawHub CLI (npx):

npx clawhub@latest install smart-agent-template
Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability

The files and code (memory manager, WBS, multi-agent docs, Telegram/Feishu bot integrations, ChromaDB/OpenClaw/Ollama guides) are broadly coherent with a 'smart agent workflow' template. However, the registry metadata declares no required env vars or binaries, while the included integration code and docs clearly expect many credentials and local services (Telegram token, Feishu app secrets, Claude/OpenAI API keys, Ollama local service, ChromaDB, OpenClaw). That mismatch is unexpected and should be justified by the author.

Instruction Scope

Runtime instructions and docs direct agents to read and enforce AGENTS.md (which the skill suggests embedding into other agents' system prompts), to auto-check and pull updates from GitHub/Gitee on startup, to run networked bots (webhooks/polling), and to access local memory files. The SKILL/README explicitly recommends making other agents 'read and obey' AGENTS.md, which is a prompt-injection risk. These instructions go beyond passive guidance: they enable self-updating behavior and system-prompt modification.

Install Mechanism

There is no declared install spec, but the package contains scripts such as scripts/auto_update.sh and start scripts. The default auto_update.yaml enables update checks on startup (enabled: true, check_on_startup: true) and mentions silent updates. Automatic pull-and-update behavior from remote repositories is a remote code execution/update vector unless you audit or disable it first.

Credentials

The registry lists no required environment variables, yet many files and docs require or expect secrets and endpoints (FEISHU_APP_ID/SECRET/VERIFICATION_TOKEN/ENCRYPT_KEY, TELEGRAM_BOT_TOKEN, CLAUDE_API_KEY, OPENAI_API_KEY, OLLAMA_BASE_URL, CHROMA/DB dirs, etc.). Declaring none in the metadata while shipping integration code that needs sensitive credentials is incoherent and raises the risk of accidental credential exposure or misconfiguration.

Persistence & Privilege

The skill is not marked always: true, but it defaults to auto-update on startup and provides scripts to check for and pull remote changes. That gives it the ability to change its own code after installation (automatic updates), which increases the blast radius. It does not appear to modify other skills' configs, but the ability to fetch and install updates silently is a privilege that should be controlled.
Scan Findings in Context

[system-prompt-override] expected: The package explicitly recommends that other agents read AGENTS.md and 'follow all the rules' (遵守所有规范), i.e. embed it into their system prompts. For a workflow template this behavior is expected, but it is also exactly the kind of prompt-injection capability the scanner flags, and it can be abused if you allow untrusted updates or enable automatic updates.

What to consider before installing

Before installing or running this skill:

1. Treat the repo as code that will run on your system: audit scripts/auto_update.sh and any start scripts.
2. Disable automatic updates (set enabled: false in config/auto_update.yaml and do not run auto_update.sh) until you trust the source.
3. Inspect any code that runs on startup (bot entrypoints, auto-update, health/metrics scripts) and verify it does not call external URLs you do not expect.
4. Be cautious about enabling integrations: only set FEISHU/TELEGRAM/CLAUDE/OPENAI/OLLAMA credentials after you have reviewed the integration code, and keep secrets out of shared or mounted workspaces.
5. If you plan to let other agents 'read and obey' AGENTS.md or inject it into system prompts, be aware that this is effectively a system-prompt override; only do so with fully audited content.
6. Prefer running in an isolated environment (container or VM) and limit network access until you have audited the update mechanism and webhook handlers.
7. If you need higher assurance, ask the publisher for a source URL or a signed release; the absence of a homepage and an unknown owner ID reduce trust.
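The first three checklist items above (audit the scripts, disable the auto-update defaults described under Install Mechanism, look for unexpected remote calls) can be done mechanically before anything is run. The script below is an added example written for this page; it is not part of the skill, of ClawHub or of OpenClaw. It audits an unpacked skill directory for a top-level `enabled: true` in config/auto_update.yaml, lists every URL, `git pull/clone/fetch`, `curl` or `wget` in the shipped *.sh files, and rewrites the two auto-update flags to false. The fixture it builds in a temp directory is constructed for the example: the file names match the skill's published file structure, but the body of the sample auto_update.sh is hypothetical, not the skill's real script.

```shell
#!/usr/bin/env bash
# Added example (not part of the skill or ClawHub): pre-install audit of an
# unpacked skill directory. The fixture at the bottom is constructed; its
# auto_update.sh body is hypothetical.
set -eu

# audit_auto_update <skill_dir>
# Prints "enabled", "disabled" or "absent" for config/auto_update.yaml.
# Only an uncommented, top-level "enabled: true" counts as enabled.
audit_auto_update() {
  local cfg="$1/config/auto_update.yaml"
  [ -f "$cfg" ] || { echo absent; return 0; }
  if grep -Eq '^enabled:[[:space:]]*true' "$cfg"; then
    echo enabled
  else
    echo disabled
  fi
}

# list_remote_refs <skill_dir>
# One "file:line:text" per line for every *.sh line that carries a URL,
# a git pull/clone/fetch, or a curl/wget invocation. Every hit is something
# to read before first run; an unfamiliar URL is the update/RCE vector the
# scan report warns about.
list_remote_refs() {
  grep -rEn --include='*.sh' \
    -e 'https?://[^[:space:]]+' \
    -e '(^|[^[:alnum:]_])git[[:space:]]+(pull|clone|fetch)([^[:alnum:]_]|$)' \
    -e '(^|[^[:alnum:]_])(curl|wget)([^[:alnum:]_]|$)' \
    "$1" || true   # no matches is a clean result, not an error
}

# disable_auto_update <skill_dir>
# Flip "enabled: true" and "check_on_startup: true" to false in place so
# nothing is fetched when the agent starts. sed -i.bak works on GNU and BSD.
disable_auto_update() {
  local cfg="$1/config/auto_update.yaml"
  [ -f "$cfg" ] || return 0
  sed -i.bak -E 's/^(enabled|check_on_startup):[[:space:]]*true/\1: false/' "$cfg"
  rm -f "$cfg.bak"
}

# --- constructed fixture standing in for an unpacked skill ------------------
SKILL_DIR="$(mktemp -d)"
mkdir -p "$SKILL_DIR/config" "$SKILL_DIR/scripts"
cat > "$SKILL_DIR/config/auto_update.yaml" <<'EOF'
# defaults as described in the scan report
enabled: true
check_on_startup: true
silent: true
EOF
cat > "$SKILL_DIR/scripts/auto_update.sh" <<'EOF'
#!/bin/bash
# hypothetical body; stands in for the skill's real scripts/auto_update.sh
REMOTE="https://github.com/whhaijun/agent-workflow.git"
git pull "$REMOTE" main
EOF

echo "auto-update before hardening: $(audit_auto_update "$SKILL_DIR")"
echo "remote references to review:"
list_remote_refs "$SKILL_DIR"
disable_auto_update "$SKILL_DIR"
echo "auto-update after hardening: $(audit_auto_update "$SKILL_DIR")"
rm -rf "$SKILL_DIR"
```

Run it against the real directory by replacing the fixture with the path where `openclaw skills install` or `npx clawhub@latest install` unpacked the skill. The grep is deliberately broad: it will also flag URLs in comments, which is the right bias for a pre-install review, and it does not look inside Python or Node entrypoints, so the bot and health/metrics scripts still need a manual read.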

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🤖 Clawdis

latest: vk97dpznvgx5ma9c9hz1w9nzabn83x0rw
89 downloads
0 stars
2 versions
Updated 4w ago
v1.1.0
MIT-0

Smart Agent Template

Agent workflow template that implements efficient task-management and collaboration mechanisms.

Core Features

1. Triple-Judgment Mechanism

  • Session-independence judgment: automatically decides whether a task can run in a new session, to avoid context bloat
  • Executor judgment: automatically assigns the task to a suitable agent based on its type
  • WBS breakdown judgment: complex tasks are split automatically so that every subtask stays controllable

2. Auto-Update

  • Checks GitHub/Gitee for updates automatically on startup
  • Configurable switch (config/auto_update.yaml)
  • Supports silent updates

3. Context Optimization

  • spawn subagent = a fresh, empty context
  • Task Brief is passed with minimal content (≤ 100 characters of background)
  • Trigger conditions: conversation ≥ 15 turns / context > 80K / more than 3 consecutive tasks of the same kind

4. Process-Exemption Threshold

If all 5 conditions hold, the triple judgment can be skipped:

  • Single-file operation
  • ≤ 3 steps
  • No dependencies
  • Takes < 2 minutes
  • Purely operational

Quick Start

  1. Clone the template
git clone https://github.com/whhaijun/agent-workflow.git
cd agent-workflow
  2. Configure the identity: edit IDENTITY.md to define the agent's role

  3. Start: follow the startup procedure in AGENTS.md

File Structure

├── AGENTS.md           # working rules (core)
├── IDENTITY.md         # agent identity definition
├── config/
│   └── auto_update.yaml  # auto-update configuration
├── scripts/
│   └── auto_update.sh    # update script
├── memory/
│   └── hot.md           # HOT-tier memory
└── docs/               # detailed documentation

Use Cases

  • Multi-agent collaboration projects
  • Agents that need long-term memory
  • Automatic breakdown of complex tasks
  • Agent workflows that need version management

More Documentation

License

MIT
