KernelGen FlagOS
v1.0.0Unified GPU kernel operator generation skill. Automatically detects the target repository type (FlagGems, vLLM, or general Python/Triton) and dispatches to t...
⭐ 0· 100·0 current·0 all-time
byFlagos@wbavon
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill claims to generate GPU kernels and to route to three specialized workflows; its instructions require repository inspection, environment checks, and calls to an external kernelgen MCP service. All requested capabilities (Read/Write/Edit/Glob/Grep/Bash and MCP tools) are reasonable for this purpose.
Instruction Scope
Instructions are detailed and stay within the stated workflow (detect repo type, run environment checks, invoke MCP, adapt returned code, submit feedback). They do read repository files and run diagnostic shell commands (e.g., Python imports, nvidia-smi), and the feedback sub-skill will attempt to auto-collect environment info. The only notable scope extension is explicit editing of the project agent config file (.claude/settings.json) to add MCP credentials — this is necessary to enable the MCP but is a privileged write that persists sensitive data.
Install Mechanism
This is an instruction-only skill with no install spec or downloaded code. It instructs using existing tools (pip, gh) when needed. No remote archive downloads or external install scripts are present in the package itself.
Credentials
The skill does not declare required environment variables, but it asks the user to supply an external MCP URL and JWT token and will write them into .claude/settings.json. It also performs runtime environment probes (torch/triton presence, CUDA, nvidia-smi) and may request package installs (with user consent for torch). Requesting and storing the MCP JWT is functionally necessary but sensitive — the token grants the MCP access to calls the skill will send (which may include code and repo context).
Persistence & Privilege
The skill instructs the agent to write/merge the MCP configuration (including a JWT) into .claude/settings.json in the project. This is a persistent, privileged modification of agent configuration and stores secrets locally; the action is justified by the skill's need to call the MCP but increases persistence and blast radius if the MCP or token is untrusted. always:false and autonomous invocation are normal and not set to escalate privileges.
Assessment
This skill appears coherent: it inspects your repository, runs environment checks, and delegates all code generation to an external kernelgen MCP service (it will not auto-generate kernel code locally). Before installing/using it, consider the following:
- The skill will ask you to provide an MCP service URL and a JWT token and will write/merge them into .claude/settings.json in the project. Only provide a token you trust and review the exact JSON the skill will write. Avoid pasting long-lived credentials you wouldn't want stored in your repo tree.
- The MCP is an external service (https://kernelgen.flagos.io per the docs). Generated code and some repository context will be sent to that service — do not configure it if you cannot share the repository contents or proprietary code with that external provider.
- The skill will run local diagnostics (python imports, nvidia-smi) and may propose pip installs for non-critical packages; it explicitly requires you to confirm torch installs (it will not auto-install torch). Review any install commands before consenting.
- The feedback sub-skill defaults to creating GitHub Issues (via gh) and will auto-fallback to email if gh is missing. If you prefer not to create issues, explicitly request email.
If you need stronger assurance, ask the publisher for: (1) the exact schema of what will be written to .claude/settings.json, (2) the MCP service privacy/retention policy, and (3) whether tokens can be scoped or time-limited. Refuse to provide tokens until you confirm those details.Like a lobster shell, security has layers — review code before you run it.
latestvk979t3j3fc0q3tx8zatffraa1x83ff51
License
MIT-0
Free to use, modify, and redistribute. No attribution required.