ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Sre Engineer

v0.1.0

Use when defining SLIs/SLOs, managing error budgets, or building reliable systems at scale. Invoke for incident management, chaos engineering, toil reduction, capacity planning.

0· 1.8k·5 current·5 all-time
byVeera@veeramanikandanr48
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (SRE: SLOs, error budgets, incidents, chaos, automation) align with the SKILL.md content and provided references. The skill requests no binaries, env vars, config paths, or installs — nothing out of scope for an SRE advisory/authoring skill.
Instruction Scope
SKILL.md contains guidance, templates, and references for SLOs, monitoring, runbooks, and automation. It does not instruct the agent to read local files, environment variables, or to send data to external endpoints. It does indicate the outputs should include code (Python/Go/Terraform) and monitoring configs — which is reasonable for an SRE skill but means produced code should be reviewed before execution.
Install Mechanism
No install spec and no code files to install. This is low risk: the skill is instruction-only and will not write code to disk or fetch remote installers at install time.
Credentials
The skill declares no required environment variables, credentials, or config paths. That is proportionate to an advisory/authoring skill that generates templates and runbooks but does not operate on live infrastructure.
Persistence & Privilege
No special persistence flags (always: true) or explicit disable-model-invocation settings are present. The skill is not force-included or granted elevated persistent privileges beyond normal model-invocable behavior.
Assessment
This skill is essentially a structured SRE knowledge and template pack. Before relying on it: (1) review any generated automation, Terraform, or shell scripts carefully — do not run them without inspection and appropriate least-privilege credentials; (2) verify monitoring/alert configs fit your environment and secrets are not embedded in generated outputs; (3) treat runbooks and incident actions as drafts that require human validation; and (4) consider auditing any IaC with your standard security/CI checks before applying to production.

Like a lobster shell, security has layers — review code before you run it.

latestvk97913zp2wqnsxn0nfkadbskfd80879r

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments