ClawHub

SOTA Agent

v1.4.1

Public ClawHub skill for SOTA-focused CV and DS campaigns across OpenClaw notebooks, GUI-heavy workflows, and GPU VMs.

0· 209·0 current·0 all-time
by@zack-dev-cm
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description (SOTA campaign planning across notebooks/VMs) match the provided scripts and references: tools create campaign, candidate, leaderboard, run-card, VM bootstrap manifests, and render summaries. Declared binary requirements (python/python3) are appropriate.
Instruction Scope
SKILL.md instructs running local Python scripts to create and manage campaign artifacts and explicitly recommends keeping outputs inside a campaign workspace and using a paired execution lane for actual runs. This is scoped to planning/record-keeping. Note: the runtime relies on sanitize_* helpers (sota_public_safety) to redact/sanitize paths and URLs — review that file to confirm sanitization behaves as intended.
Install Mechanism
No install spec or external downloads; the skill is instruction + local Python scripts that run from the skill bundle. No network fetches or archive extraction are present in the manifest.
Credentials
The skill declares no required environment variables or credentials and even encodes an OAuth-first policy in program templates. Scripts read and sanitize file paths but do not require tokens or keys.
Persistence & Privilege
always:false and user-invocable; the skill does not request persistent elevated privileges or modify other skills. It writes artifacts to user-specified paths (campaign root) as expected for its purpose.
Assessment
This package appears coherent and focused on campaign scaffolding, but before running: (1) inspect scripts/sota_public_safety.py to confirm sanitize_url/sanitize_path/sanitize_ref behave as advertised (no accidental passthrough of raw CDP/websocket URLs or absolute secret-containing paths); (2) run the scripts in a dedicated campaign workspace (not your home or system dirs) as the docs recommend; (3) avoid running them in environments that expose secrets on the filesystem or environment variables until you've audited the sanitizers; (4) if you plan to pair with real browser/VM automation, review the execution lane code (in your paired data-science execution skill) to ensure no unintended network exfiltration or credential usage.

Like a lobster shell, security has layers — review code before you run it.

agentic-workflowsvk97d1fa210zjfjfzhjpqf75w8984km0vbenchmarkingvk97d1fa210zjfjfzhjpqf75w8984km0vcolabvk97d1fa210zjfjfzhjpqf75w8984km0vcomputer-visionvk97d1fa210zjfjfzhjpqf75w8984km0vdata-sciencevk97d1fa210zjfjfzhjpqf75w8984km0vgpu-trainingvk97d1fa210zjfjfzhjpqf75w8984km0vkagglevk97d1fa210zjfjfzhjpqf75w8984km0vlatestvk9769y06fhmr7wetjj5474983x84jkxymlopsvk97d1fa210zjfjfzhjpqf75w8984km0vopenclawvk97d1fa210zjfjfzhjpqf75w8984km0vreproducibilityvk97d1fa210zjfjfzhjpqf75w8984km0v

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Any binpython3, python

Comments