NoPUA Lite

v2.0.0

NoPUA Lite — core wisdom in ~1.5k tokens. Drives AI with trust and inner motivation instead of fear. Same Daoist philosophy, minimal footprint. For personal...

⭐ 0· 61·0 current·0 all-time

by无极WUJI@wuji-labs

MIT-0

Download zip

LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

The name/description promise a lightweight, motivational troubleshooting policy. The SKILL.md contains behavioral guidance for failing tasks and debugging (read sources, verify, escalate) which matches that purpose. No unexpected credentials, binaries, or installs are requested.

ℹ

Instruction Scope

The instructions tell the agent to 'use search, file read, and command tools' and to read source code, run builds/curls, and paste outputs. Those actions are coherent for debugging tasks, but the skill is explicit that it applies to "all task types," which gives it broad scope to probe files/commands beyond narrowly technical contexts. Consider whether you want this proactive behavior enabled for non-technical or sensitive workflows.

✓

Install Mechanism

No install spec and no code files — lowest-risk distribution. Nothing is downloaded or written to disk by the skill itself.

✓

Credentials

The skill declares no environment variables, credentials, or config paths. It does instruct the agent to use available tools, but it does not request new secrets or unrelated service tokens.

✓

Persistence & Privilege

always is false and the skill does not request persistent system changes or other skills' config. It is user-invocable and can be invoked autonomously per platform defaults — not itself a red flag here.

Assessment

This skill is a behavioral prompt that tells your agent to proactively investigate failures (read files, run commands, curl, paste outputs). That is consistent with a debugging helper but gives the agent broad authority to access whatever tools the host grants it. Before installing: (1) confirm which runtime tools the agent actually has access to (file read, shell, network) and whether those should be allowed for the contexts you plan to use this skill in; (2) avoid enabling it in sessions that may handle sensitive data unless you restrict tool permissions or test in a sandbox; (3) if you want narrower behavior, request or edit a version that limits activation to technical/debugging tasks only. If you want additional assurance, provide the SKILL.md to an admin to review expected agent privileges and run a controlled test.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ays9hyqxg8xk18bq63t7jfn83yvvf

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

NoPUA Lite

License

Comments