ClawHub

autoresearch

v1.0.2

Autonomous experiment loop for AI agents. Use when the user wants to run systematic experiments — optimizing hyperparameters, searching for better configurat...

2· 1.8k·29 current·29 all-time
byThomas@thomas-security·duplicate of @thomas-security/skill-antivirus
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The skill claims to run autonomous experiments on a codebase and its instructions explicitly use git, edit files, run arbitrary user-specified commands, and read/write project files — which is coherent with the described purpose. One minor inconsistency: the registry metadata lists no required binaries, but correct operation implicitly requires git and whatever binaries the user-specified run_command uses (python, make, npm, etc.).
Instruction Scope
SKILL.md stays on-purpose: it asks the agent to (1) obtain a clear protocol from the user, (2) only modify explicitly-declared target files, (3) commit changes, run the user-provided command, extract a metric, and record results. It does allow the agent to run arbitrary run_command and arbitrary extract commands provided by the user (which is expected) and to read target and read-only files for context.
Install Mechanism
No install spec or code files are included (instruction-only), so nothing will be downloaded or written by an installer. This minimizes install-time risk.
Credentials
The skill declares no required environment variables or credentials, which matches the instruction-only design. However, actual experiments will typically depend on binaries and possibly credentials (e.g., dataset access, package registries, cloud resources) that are not declared — the user must supply or ensure those exist. The skill does not itself request unrelated secrets.
Persistence & Privilege
always:false (no forced inclusion) and default autonomous invocation is unchanged. The skill's allowed-tools (exec, sessions_spawn, read, write, edit, grep, find, ls) grant it the ability to modify repository files and run arbitrary processes — appropriate for the task but high-privilege in practice. The skill does not request persistent system-wide modifications in its instructions.
Assessment
This skill is an instruction-only autonomous experiment runner and behaves as advertised, but it will be able to edit files in your repository and run arbitrary commands you tell it to. Before installing or invoking it: 1) Ensure you run it in a safe/sandboxed environment (not on production code or sensitive repos). 2) Provide a narrow explicit list of TARGET FILES and robust READ-ONLY constraints in autoresearch.config.md so the agent cannot change unrelated files. 3) Confirm git and any required runtime binaries (python, make, npm, etc.) exist where you run the agent. 4) Avoid giving it access to secrets or credentials unless absolutely necessary; prefer local test datasets and non-production resources. 5) Review commits on the created branch before pushing to any remote. 6) If you want to reduce risk, disable autonomous invocation or run the skill with restricted allowed-tools if your platform supports that. These precautions will reduce the chance of accidental data leakage or unwanted code changes.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dngzfddz365aq3ywcrdn0gn832yt0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments