Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
creat-anget
v1.0.1创建具有独立工作区和配置的独立 OpenClaw Agent。适用于用户需要完全隔离的 Agent(独立工作区、配置、身份),而不是临时子 Agent 会话的情况。支持飞书机器人绑定,用于多机器人部署。
⭐ 0· 148·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (create standalone agent, optional Feishu binding) match the provided scripts and SKILL.md. The scripts create agent/workspace directories, update openclaw.json, copy auth-profiles.json and models.json from the main agent, and optionally add Feishu credentials — all expected for this feature.
Instruction Scope
Instructions direct the agent to read and modify ~/.openclaw/openclaw.json, copy files from the main agent dir, and create workspace files. This is coherent, but the script will copy auth-profiles.json (which commonly contains sensitive credentials) and will create/overwrite workspace files if they don't exist (create_template_file writes files). The SKILL.md warns to use a new empty workspace but the script does not refuse to run against existing directories, so accidental overwrites are possible. No external network endpoints or hidden remote exfiltration are present in the code.
Install Mechanism
There is no install spec (instruction-only with included scripts); the action is local file operations (no downloads or package installs). This is low-risk from an install perspective.
Credentials
The skill declares no required environment variables or external credentials, which aligns with its local-file behavior. However, it is explicitly designed to accept and write Feishu appId/appSecret into openclaw.json and to copy auth-profiles.json from the main agent — both are sensitive operations. Storing secrets in openclaw.json and copying auth files is expected for this use case but raises the usual secrets-handling concerns (file permissions, rotation, avoiding commits). The SKILL.md also contains example secret values (placeholders) — do not reuse those.
Persistence & Privilege
The skill does not request always:true or any elevated platform privilege. It modifies only its own OpenClaw config (openclaw.json) and filesystem locations under the user's .openclaw; this is appropriate for an agent creation utility. It does not alter other skills' configurations beyond adding entries to the main openclaw.json.
Assessment
What to check before running/installing:
- Inspect the two included scripts (scripts/create_standalone_agent.py and scripts/create_agent.py) yourself; they run locally and are short enough to review. They do not make network calls.
- Backup ~/.openclaw/openclaw.json (the script creates a .json.bak but you may want your own copy) and any existing workspace directories. The script will write to openclaw.json and create/modify workspace files.
- Be cautious about auth-profiles.json and models.json: the script copies these from the main agent. Those files often contain credentials or tokens; verify their contents and avoid unintentionally duplicating sensitive credentials to new agent directories.
- Protect any Feishu appId/appSecret you provide: they will be written into openclaw.json in plaintext. Ensure file permissions restrict access and rotate keys if needed.
- Use the --dry-run flag first to see what would change. Prefer creating the new agent/workspace in a temporary location to verify behavior before deploying to production.
- If you want stricter safety, run the script in a sandbox or under a non-privileged user account so accidental overwrites are contained.
Overall: the skill appears to do what it claims, but it performs sensitive local configuration changes and handles secrets — review and secure your config files before use.Like a lobster shell, security has layers — review code before you run it.
latestvk97bq6raqcf2798vve0qp0math839fz3
License
MIT-0
Free to use, modify, and redistribute. No attribution required.