ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Dev Toolkit

v1.0.0

Complete toolkit for building AI agents. Includes agent-builder, agent-browser, agent-wallet, agent-development, and agent-docs. Build, automate, and monetiz...

1· 1.5k·3 current·3 all-time
by@tobem0706

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for tobem0706/agent-dev-toolkit.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Agent Dev Toolkit" (tobem0706/agent-dev-toolkit) from ClawHub.
Skill page: https://clawhub.ai/tobem0706/agent-dev-toolkit
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: node, npm
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install agent-dev-toolkit

ClawHub CLI

Package manager switcher

npx clawhub@latest install agent-dev-toolkit
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill is instruction-only documentation for building agent-related capabilities (builder, browser, wallet, docs). That high-level purpose matches the included SKILL.md and references. Minor inconsistencies: SKILL.md and INSTALL.md instruct use of the ClawHub CLI and a GitHub repo, but registry metadata only declares node/npm as required binaries (clawhub is not listed). The toolkit documents wallet/browser operations (which normally require keys, browser runtimes, or OS-level installs) but the skill declares no environment variables or config paths — this is explainable because the package is documentation-only, but users should expect additional manual configuration (credentials, browser runtimes) not declared here.
!
Instruction Scope
Many runtime instructions and included references instruct modifying user config and granting agents broad capabilities: e.g., edit ~/.bashrc to set NODE_OPTIONS, add allowlists in .claude/settings.json (WebFetch(domain:*), many Bash(...) patterns), and guidance to save/restore agent state. Those actions go beyond purely authoring agent prompts and materially change system and agent privilege posture. Additionally, a prompt-injection pattern ('ignore-previous-instructions') was detected in SKILL.md content, which could attempt to manipulate agent behavior at runtime.
Install Mechanism
This is an instruction-only skill with no install spec and no code files to execute — lowest install risk. INSTALL.md recommends installing a ClawHub CLI (npm install -g clawhub) and optionally cloning a GitHub repo; these are standard but rely on external tooling. No opaque downloads/extracts are present in the package itself.
!
Credentials
The toolkit recommends environment and configuration changes that are disproportionate for a docs bundle: system-wide NODE_OPTIONS export to increase Node heap, wildcard WebFetch(domain:*) allowlisting, and broad Bash allowlists. Those recommendations weaken isolation and broaden agent capabilities. The package describes wallet automation but does not declare any required credentials or clarify how secret keys should be provided or protected.
Persistence & Privilege
The skill does not request 'always:true' and is user-invocable only. However, many included documents recommend updating persistent user config files (.bashrc, .claude/settings.json, state files), which, when combined with default platform behavior that allows autonomous agent invocation, increases blast radius if the user follows the permissive recommendations. The package itself does not programmatically modify other skills or system configs, but it instructs users how to do so.
Scan Findings in Context
[prompt-injection-ignore-previous-instructions] unexpected: The pre-scan detected the pattern 'ignore-previous-instructions' in SKILL.md. Documentation for agent design sometimes shows example phrases, but this pattern is commonly used in prompt-injection attacks to try to subvert agent safety checks. Treat this as a red flag to review the exact locations and intent where such phrasing appears.
What to consider before installing
This package is mostly documentation and examples for building agents, but it contains instructions that would materially weaken safety if followed blindly. Before installing or applying its recommendations: 1) Verify the source — ask the author for the authoritative repository and confirm the GitHub URL and package owner (meta.json lists a repo, but registry source was 'unknown'). 2) Do not apply the suggested .bashrc or .claude/settings.json changes system-wide without review — especially the NODE_OPTIONS export and allowlisting WebFetch(domain:*) or broad Bash commands. Prefer per-shell or per-container testing. 3) Treat the wallet guidance as documentation only: never paste private keys or credentials into files unless you understand the storage and rotation model; prefer hardware or ephemeral key management and explicit human approval before any autonomous spend. 4) Run any risky experiments in an isolated VM or container, and avoid granting blanket agent permissions (WebFetch domain:*, Bash allowlists). 5) Inspect the SKILL.md and dependency files for the exact locations of the prompt-injection phrasing; if you plan to let agents act autonomously, add human-in-the-loop approvals for high-risk actions (downloads, eval, network proxies, payments). 6) If you need reassurance, request the publisher to provide a signed repository link, reproducible release artifacts, and explicit notes on how secrets and wallet operations are intended to be configured. If you want, I can point out the exact lines in the included files that recommend broad allowlists and environment edits so you can evaluate them or redact them before use.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Binsnode, npm
latestvk979c4kzjxsqy5099pv9rtqwks82fkxc
1.5kdownloads
1stars
1versions
Updated 22m ago
v1.0.0
MIT-0
@tobem0706
latest
Download

Agent Development Toolkit

完整的 AI Agent 开发工具包,包含 5 个核心技能,帮助你快速构建、自动化和变现 AI Agent。

📦 包含技能

1. Agent Builder

价值:$15

  • 设计和生成完整的 OpenClaw agent 工作区
  • 创建 SOUL.md, IDENTITY.md, AGENTS.md 等核心文件
  • 配置 agent 人格、边界和自主性
  • 快速迭代和优化 agent 行为

适用场景:

  • 创建新的 AI agent
  • 优化现有 agent 性能
  • 设置 agent 边界和安全规则

2. Agent Browser Core

价值:$20

  • Rust 驱动的高性能浏览器自动化
  • AI 友好的快照和引用系统
  • 支持复杂的 Web 交互流程
  • 生产级别的稳定性和性能

适用场景:

  • 网页数据抓取
  • 自动化测试
  • 表单填写和提交
  • 复杂的多步骤 Web 操作

3. Agent Wallet

价值:$25

  • 安全的 EVM 链钱包管理
  • 智能合约账户支持
  • 可配置的支出策略
  • 支持转账、交换和智能合约交互

适用场景:

  • Agent 自主支付
  • 加密货币交易
  • DeFi 协议交互
  • 多链资产管理

4. Agent Development

价值:$15

  • Claude Code agent 开发最佳实践
  • Task 工具委托模式
  • 模型选择和内存管理
  • 声明式指令设计

适用场景:

  • 构建 Claude Code agents
  • 优化 agent 性能
  • 解决 agent 内存问题
  • 创建 agent 管道

5. Agent Docs

价值:$10

  • AI 优化的文档编写指南
  • RAG 检索优化
  • Token 效率最佳实践
  • 混合上下文层级设计

适用场景:

  • 编写 SKILL.md 文件
  • 创建 API 文档
  • 编写 README
  • 任何需要被 AI 阅读的文档

💰 总价值:$85

打包价格:$29(节省 66%)

🚀 快速开始

1. 安装依赖

npm install -g clawhub
clawhub login

2. 安装工具包

clawhub install agent-dev-toolkit

3. 开始构建 Agent

# 使用 Agent Builder 创建新 agent
"帮我创建一个客服 agent,专注于电商领域"

# 使用 Agent Browser 进行网页自动化
"抓取这个网站的产品数据"

# 使用 Agent Wallet 管理支付
"创建一个新钱包,设置每日支出限制 $10"

📚 使用场景

场景 1:构建电商客服 Agent

  1. 使用 Agent Builder 设计客服人格
  2. 使用 Agent Docs 编写产品文档
  3. 使用 Agent Browser 自动查询库存
  4. 使用 Agent Wallet 处理退款

场景 2:构建内容创作 Agent

  1. 使用 Agent Builder 创建创作者人格
  2. 使用 Agent Development 优化性能
  3. 使用 Agent Browser 研究素材
  4. 使用 Agent Docs 生成 SEO 优化内容

场景 3:构建交易 Agent

  1. 使用 Agent Builder 设置风险边界
  2. 使用 Agent Browser 监控市场数据
  3. 使用 Agent Wallet 执行交易
  4. 使用 Agent Development 优化策略

✨ 核心优势

🎯 一站式解决方案

  • 包含构建 agent 所需的所有核心工具
  • 无需分别购买和集成多个技能
  • 统一的 API 和配置

💡 生产就绪

  • 所有技能都经过实战验证
  • 完整的错误处理和日志
  • 详细的文档和示例

🔧 高度可定制

  • 灵活的配置选项
  • 支持自定义扩展
  • 模块化设计

🚀 持续更新

  • 定期功能更新
  • 安全补丁
  • 社区支持

📖 文档

每个技能都包含详细的文档:

  • skills/agent-builder/SKILL.md - Agent 构建指南
  • skills/agent-browser-core/references/ - 浏览器自动化参考
  • skills/agent-wallet/SKILL.md - 钱包管理指南
  • skills/agent-development/SKILL.md - 开发最佳实践
  • skills/agent-docs/SKILL.md - 文档编写指南

🆘 支持

  • 文档:每个技能都有详细的 SKILL.md
  • 示例:包含多个实际使用案例
  • 社区:加入 OpenClaw 社区获取帮助

📄 许可证

MIT License - 可用于个人和商业项目

🔄 更新日志

v1.0.0 (2026-03-06)

  • 初始发布
  • 包含 5 个核心技能
  • 完整文档和示例

立即开始构建你的 AI Agent!

购买此工具包,你将获得:

  • ✅ 5 个高价值技能(总价值 $85)
  • ✅ 完整文档和示例
  • ✅ 未来更新
  • ✅ 社区支持

价格:$29(一次性购买,终身使用)

Comments

Loading comments...