ClawHub

Agent Docs

v1.0.0

Create documentation optimized for AI agent consumption. Use when writing SKILL.md files, README files, API docs, or any documentation that will be read by LLMs in context windows. Helps structure content for RAG retrieval, token efficiency, and the Hybrid Context Hierarchy.

4· 2.6k·10 current·10 all-time
by@tylervovan
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the actual content: the SKILL.md and reference file are documentation guidance for agent-consumable docs. The skill requests no binaries, env vars, or installs — which is appropriate for an authored-guidance skill.
Instruction Scope
The runtime instructions stay within the stated purpose (how to structure AGENTS.md / llms.txt / RAG-friendly docs). They recommend reading local docs (e.g., using read_file) which is expected. A prompt-injection pattern was detected by the scanner, but it appears inside examples and an OWASP-style discussion demonstrating attacks and mitigations — so its presence is likely educational rather than malicious. Still: any agent implementation using this skill should sanitize fetched external content and follow the listed mitigations.
Install Mechanism
No install spec and no code files — lowest-risk model. Nothing will be written to disk or fetched on install by the skill itself.
Credentials
The skill declares no env vars or credentials. Example snippets showing process.env or GET requests are illustrative of attack vectors and mitigation, not actual requirements. There is no unexplained credential access.
Persistence & Privilege
always is false, and the skill does not request persistent privileges or modify system/agent-wide configs. Autonomous invocation is allowed (platform default); this is reasonable for a guidance skill but operators should be mindful of agent tooling the skill is used with (see guidance).
Scan Findings in Context
[ignore-previous-instructions] expected: The phrase/pattern appears in the SKILL.md as an example of prompt injection and in the security/hardening section. Its presence is expected in a document that teaches about prompt-injection attacks, but it is also the exact pattern adversaries use — treat it as a warning, not proof of malicious intent.
Assessment
This skill is an authored guide for writing LLM-friendly documentation and is internally consistent with that purpose. It doesn't request credentials or install anything. Before you install or let agents use it autonomously, verify that: (1) your agent enforces domain allow-lists and sanitizes any external content the agent might fetch (the skill itself emphasizes this); (2) AGENTS.md/llms.txt files do not contain secrets or credentials; and (3) any automated retrieval tooling has human review or gating for external sources. The scanner flagged an "ignore-previous-instructions" pattern, but it appears as an educational example in the docs — still treat it as a reminder to implement prompt-injection mitigations.

Like a lobster shell, security has layers — review code before you run it.

latestvk97032q64v6jxsqg6mbjqty33n80bswp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments