Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Openclaw Skill
v1.3.0Boss AI Agent — your AI management middleware. Connects boss to all systems (Telegram/Slack/GitHub/Notion/Email), 16 mentor philosophies, 6 AI C-Suite seats,...
⭐ 0· 104·0 current·0 all-time
by@tonypk
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The skill claims to connect to many systems (Telegram/Slack/GitHub/Notion/Email) and to act proactively; it does not request per-service credentials in its metadata because it expects to use OpenClaw's platform connectors. The presence of an optional BOSS_AI_AGENT_API_KEY (and legacy MANAGEMENT_BRAIN_API_KEY) is consistent with an optional cloud-tier. Minor inconsistency: registry metadata lists "Required env vars: none" while a primary credential (BOSS_AI_AGENT_API_KEY) is declared — however the SKILL.md marks the API key as optional, which explains the discrepancy.
Instruction Scope
SKILL.md instructs the agent to write a config file, register cron jobs, read/send messages on configured channels, spawn short-lived read-only sub-agents, and store team data in local memory. These behaviors align with the stated management automation purpose, but they are powerful and proactive (the skill will 'patrol' and perform scheduled actions). The instructions do not ask to read unrelated system files or fetch arbitrary remote payloads, but they do optionally reference the manageaibrain.com MCP endpoint when the cloud API key is provided.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk. Nothing is downloaded or written by an installer beyond the single config file the skill itself creates at runtime.
Credentials
The only declared credential is BOSS_AI_AGENT_API_KEY (with fallback MANAGEMENT_BRAIN_API_KEY). That is proportionate for an optional cloud integration. No unrelated secrets or multiple external credentials are requested. Users should note that supplying the API key enables the skill to communicate with manageaibrain.com (cloud features, analytics), which may transmit data off-device.
Persistence & Privilege
The skill is not force-included (always:false). It writes a single config file to ~/.openclaw/skills/boss-ai-agent/config.json and registers cron jobs via platform tooling, which grants it persistent scheduled execution. This is expected for an automation agent but increases the impact of any misconfiguration—cron jobs and the config file can be removed by the user to stop automation.
Assessment
This skill is coherent with its stated purpose, but it is powerful: it will read/send messages on configured channels, schedule recurring jobs, and store team-related memory locally. Before installing, decide whether you want a proactive agent (it will 'patrol' and act automatically) and whether to enable the optional cloud API key (BOSS_AI_AGENT_API_KEY) — enabling it allows data exchange with manageaibrain.com for extra features. Verify which platform connectors (Slack, Telegram, GitHub, Notion, Gmail, etc.) are already connected to OpenClaw and what tokens those connectors expose to skills. After first run, inspect ~/.openclaw/skills/boss-ai-agent/config.json and review/disable any cron jobs you do not want (use the platform's cron list/remove). If you are uncomfortable with automatic messaging or remote cloud access, do not supply the API key and keep an eye on scheduled jobs and integration settings.Like a lobster shell, security has layers — review code before you run it.
latestvk978fxtavbgr84nr13jjkx102583gz1n
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
Config~/.openclaw/skills/boss-ai-agent/config.json
Primary envBOSS_AI_AGENT_API_KEY