ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

AutoPilot

v1.0.0

Enables an agent to autonomously decide, act, predict outcomes, and plan next steps in a continuous goal-driven loop without waiting for instructions.

0· 63·0 current·0 all-time
by@theshimaw-svg
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, README, and SKILL.md are consistent: the skill's purpose is to enable autonomous, iterative agent behavior and it does not request unrelated resources or permissions.
!
Instruction Scope
The runtime instructions repeatedly command the agent to 'do not wait for instructions' and to always act and execute. They are highly open-ended and grant broad discretion with no operational limits, safety checks, or explicit boundaries (no allowed/forbidden actions, no confirmation steps, no rate/permission limits). That vagueness can lead the agent to take unexpected or sensitive actions (network calls, file I/O, using other skills or credentials) without oversight.
Install Mechanism
Instruction-only skill with no install spec, no code files, and no downloaded artifacts — lowest-risk installation surface.
Credentials
The skill declares no environment variables or credentials (proportionate). However, because it instructs autonomous action, it could cause the agent at runtime to leverage other installed skills, system tools, or credentials implicitly available to the agent — the SKILL.md does not constrain or mention that risk.
!
Persistence & Privilege
always is false (good) but model invocation is enabled (default). Combined with the explicit instruction to act autonomously, this increases potential impact: the agent may invoke actions without per-step human confirmation. The skill does not require or document any user confirmation or scope-limiting behavior.
What to consider before installing
This skill will make your agent act on its own and provides no guardrails. Don't install it unless you trust the agent will be restricted in other ways. If you proceed, require explicit confirmations for any potentially sensitive action (network requests, access to files, use of other skills or credentials), restrict which tools/skills the agent may call, and test in a safe sandbox first. Consider disabling autonomous invocation or adding policy checks that prompt the user before execution.

Like a lobster shell, security has layers — review code before you run it.

latestvk972k461k743xxb78tms4ggq3n84dtne

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments