Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Philosophical Three Questions

v0.1.0

A structured decision framework for embodied navigation using Goal Tree, Current State Tree, and Future Tree analysis. Use when: making navigation decisions...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name and description (embodied navigation planning for Habitat-GS) match the SKILL.md content: Goal/Current/Future tree decision loop. However the SKILL.md also instructs writing persistent memory to ~/.openclaw/workspace and later 'updating this skill file' or creating new skills — capabilities not declared in the metadata and which expand the skill's operational footprint beyond a pure reasoning template.
Instruction Scope
Instructions are explicit about per-step reasoning and logging episodes to ~/.openclaw/workspace/memory/YYYY-MM-DD.md and about reviewing memory to extract strategies and 'update this skill file' or 'create new specialized skill'. Those are file I/O and code-authoring actions (modifying/creating skill files) that grant the agent write access to the agent workspace and skill codebase — not declared or constrained in the metadata.
Install Mechanism
There is no install spec and no code files to execute; this is instruction-only, which minimizes risk from third-party binaries or downloads.
Credentials
The skill requests no credentials or environment variables. It does, however, require read/write access to a persistent path in the user's home (~/.openclaw/workspace). Writing persistent memory is reasonable for a navigation skill, but persistence into the user's home should be explicitly declared and permissioned.
Persistence & Privilege
always:false and autonomous invocation are normal. The concern is the explicit instruction to persist memories and to 'update the skill file' or create new skills: that implies the agent may modify skill definitions or write new code/config files in the environment. Modifying other skills or the skill codebase is a higher-privilege action that is not reflected in the skill metadata.
Scan Findings in Context
[no_regex_findings] expected: This is an instruction-only skill with no code files; the regex-based scanner had nothing to analyze. Absence of findings is expected but not proof of safety.
What to consider before installing
This skill's reasoning model and memory format are consistent with an embodied-navigation helper, but it explicitly instructs the agent to write persistent memory into ~/.openclaw/workspace and to later update or create skill files. Before installing, consider: 1) Do you want the agent to write logs and derived skills into your home workspace? 2) Who reviews any new/modified skill files the agent would create? 3) Run the skill in a sandboxed environment first (restricted filesystem access, no sensitive mounts) and back up your skills/configs. If you allow it to persist and modify files, require explicit, auditable approvals for any skill-creation or skill-edit actions and monitor the workspace path for unexpected writes. If you are not comfortable with the agent editing skill files, ask the author to remove or tighten the self-update instructions or provide a configuration option that disables writing/modifying skill files.

Like a lobster shell, security has layers — review code before you run it.

embodied-ai · latest · navigation · planning · reasoning
