ClawHub

Build Session

v1.0.0

Facilitates focused autonomous sessions to build, create, or produce one concrete deliverable, then log and commit progress efficiently.

0· 1.4k·3 current·3 all-time
by@stevenartzt
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The SKILL.md describes a build-session framework and the repo contains only documentation plus two small helper scripts (task picker and session logger). The scripts and instructions (cron example, commit steps) are consistent with running focused build sessions; nothing requested or present appears unrelated to that purpose.
Instruction Scope
Runtime instructions stay within the session workflow: quick checks, pick a task, build, log, commit. The included scripts only read a user workspace (OPENCLAW_WORKSPACE or default $HOME/.openclaw/workspace), write markdown logs, and run a local 'git status'. There are no instructions to read unrelated system files or to send data to external endpoints.
Install Mechanism
There is no install specification (instruction-only skill). No downloads or archive extraction are performed, which minimizes install-time risk.
Credentials
No required environment variables, binaries, or credentials are declared. The scripts respect an optional OPENCLAW_WORKSPACE env var (defaulting to $HOME/.openclaw/workspace) — this is proportional and expected for a logging/picking tool. No secrets or unrelated service tokens are requested.
Persistence & Privilege
always is false and the skill does not request persistent privileged access or modify other skills. Model invocation is allowed (platform default), which is reasonable for an autonomously run productivity session skill.
Assessment
This skill appears safe and coherent, but review where it will write and run: by default it creates and writes logs under $HOME/.openclaw/workspace/memory (or the directory you set via OPENCLAW_WORKSPACE). Ensure that environment variable points to a dedicated, non-sensitive folder so logs and temporary files don't end up in sensitive locations. The SKILL.md suggests git add/commit/push — the scripts themselves only run git status, but if you follow the commit/push steps the agent or you will trigger network activity and will need valid git credentials; verify you are comfortable with that. If you plan to run this from a cron/autonomous agent, confirm the schedule and payload are appropriate. No network endpoints or secret exfiltration patterns were found in the files.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c9893ytndq2a837zcsrbw0s80pqfg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments