Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
DeepTask
v1.2.0AI 自动拆解需求与任务管理工具。实现 AI 自动拆解需求 → 人工审核 → AI 执行任务 → UT 验证 → **Git Commit** 的完整闭环。使用 SQLite 数据库管理项目、会话、子任务、MUF(最小功能单元)、单元测试。**核心特性:每完成一个 MUF 并通过 UT 后自动执行 git com...
⭐ 0· 52·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description promise (AI task decomposition, running unit tests, and auto git commits) matches the included scripts. The CLI, ai_worker, and db manager implement project/session/MUF lifecycle, run tooling (python/node/moon), run unit tests, write code files, initialize git, commit and verify commits — all coherent with the declared purpose.
Instruction Scope
Runtime instructions and code explicitly direct the agent to write code files into a workspace (default ~/.openclaw/workspace), run unit tests, execute subprocesses (python/node/moon/git), initialize git, and commit changes with structured messages. Executing AI-generated code and stored test_code from the DB means the skill will execute arbitrary code on the host. The SKILL.md/CLI do not require any explicit prior user confirmation for commits beyond the normal flow, and they operate on whatever project_dir/workspace is provided — raising risk of unintended commits or execution in sensitive folders.
Install Mechanism
No install spec; this is instruction+code only. No downloads or external installers are used. The code is bundled in the skill and will run via Python when invoked by the user/agent.
Credentials
The skill requests no environment variables or external credentials, which is proportionate. However it requires filesystem access to the user's workspace and will call system binaries (git, python3, node, moon) via subprocess. Because it writes files and executes them, filesystem and execution privileges are effectively required; those are normal for this tool but may be surprising to users who expect a safer/sandboxed operation.
Persistence & Privilege
The skill is not marked always:true and does not request elevated platform privileges. It stores state in a local SQLite DB under ~/.openclaw/deeptask.db and uses a workspace under ~/.openclaw/workspace — both are self-contained and expected for this application.
What to consider before installing
What to consider before installing/using DeepTask:
- The tool will create and write code files and run unit tests (it executes code on your machine). That means arbitrary code (AI-generated or stored tests) can run commands on your host — only use it where you trust the inputs (e.g., an isolated VM/container or an empty, disposable workspace).
- It will initialize git and automatically commit changes to whatever project directory you configure (default ~/.openclaw/workspace/project_<ID>). Ensure the workspace is not pointed at important repositories or directories containing secrets to avoid accidental commits of sensitive data.
- Review the bundled scripts (ai_worker.py, cli.py, db_manager.py) before running. Pay attention to how test_code or code_content from the DB is executed. If you need to run it, prefer a sandbox (container, VM) and disable network or restrict permissions where possible.
- Recommended mitigations: set workspace to an isolated directory, back up important repos first, inspect/approve generated code before letting the skill run cycles that auto-commit, and consider running under a user account with limited access. If you need higher assurance, request the full untruncated code paths for review of the unit-test execution functions (run_unit_test/_run_python_test/_run_moon_test) to audit how tests are invoked and whether they can spawn unbounded shell commands.Like a lobster shell, security has layers — review code before you run it.
latestvk97bqfx3qez9r7y4smga4726fn84j10t
License
MIT-0
Free to use, modify, and redistribute. No attribution required.