ClawHub

技能编排器

v2.0.2

Multi-skill orchestrator: decompose complex asks, discover skills, plan parallel/serial steps, checkpoints, merge outputs; optional JSON bundle for hosts. Us...

0· 64·1 current·1 all-time
by@windymonkeys
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the declared behavior: discovering Skills from local folders and SKILL_PATH, ranking candidates, building a plan graph, launching sub-tasks, merging results, and optionally emitting a JSON bundle. The declared config paths (~/.workbuddy/skills, .workbuddy/memory, ~/.claw/skills, project .workbuddy/skills) and SKILL_PATH env var are directly needed for skill discovery and are appropriate.
Instruction Scope
All runtime instructions in SKILL.md are focused on orchestration: parsing user intent, scanning SKILL.md frontmatter in the listed directories, optional ClawHub queries when local results < 2, composing task graphs, launching sub-agents, producing checkpoints, merging results, and optionally writing limited metadata to .workbuddy/memory. Note: there is an explicit 'bypassPermissions' mode triggered if the user says 'directly execute' which will skip confirmations — this is a functional choice but increases risk if used without care.
Install Mechanism
Instruction-only skill (no install script, no downloads, no code files executed). Lowest-risk install footprint — nothing will be written or fetched by an installer. The skill relies on host agent capabilities (file read, network) to operate as described.
Credentials
Only SKILL_PATH env var and well-scoped config paths are required. No API keys, tokens, or other secrets are requested. The declared memory write behavior is limited to session metadata and summaries (explicitly excludes keys/sensitive content).
Persistence & Privilege
always:false (no forced global inclusion). The skill may write small records to .workbuddy/memory (session_id, brief summary), which is declared. The main privilege to watch is the 'bypassPermissions' execution mode that can skip checkpoints when the user explicitly requests direct execution; combined with the agent's own tool access this could enable higher-risk actions without interactive confirmation.
Assessment
This skill appears to do what it says: it discovers local Skills (from the listed folders or SKILL_PATH), plans and coordinates them, and merges outputs. Before enabling it: 1) Ensure SKILL_PATH and the local skill folders only contain Skills you trust, because this orchestrator will read SKILL.md files and invoke those Skills. 2) Be cautious about using phrases like "directly execute" or enabling bypassPermissions — that will skip checkpoints and can lead to risky actions if downstream Skills perform deployments or external calls. 3) Confirm your agent's network/OS/tooling permissions — this instruction-only Skill relies on the host agent to actually call ClawHub, invoke sub-agents, or run tools; those capabilities determine real risk. 4) If you need higher assurance, inspect a few discovered SKILL.md files (especially any that claim to perform deployments or external API calls) and confirm they don't request unrelated credentials. If the skill had requested unrelated env vars, network endpoints, or included an installer download, the assessment would change.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bqqq387cnwpqkgqr018pypn84tw0p

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧭 Clawdis
EnvSKILL_PATH
Config~/.workbuddy/skills, .workbuddy/skills, ~/.claw/skills, .workbuddy/memory

Comments