ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agency Role Match

v1.0.0

从185个AI角色中智能匹配最合适角色的工作流。当用户描述工作任务、需要找合适的AI角色来完成任务时触发。触发词:「角色推荐」、「智能匹配」、「用工作流」、「帮我找个角色」、「选个角色」。5步流程:1.用户描述任务 → 2.推荐2-3个角色含理由 → 3.用户确认选哪个 → 4.加载角色SOUL.md → 5.以...

0· 66·0 current·0 all-time
by@wzdongyifan-bit
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (match a role from a pool and act as that role) aligns with the runtime instructions which search ~/.openclaw/agency-agents/ and load SOUL.md files. However, the skill metadata declares no required config paths even though the SKILL.md explicitly requires access to a particular directory under the user's home. That mismatch is an incoherence.
!
Instruction Scope
The SKILL.md instructs the agent to read role files from ~/.openclaw/agency-agents/[roleID]/SOUL.md and then 'act as' that role. Reading arbitrary files under the user's home directory is exactly what the skill needs to work, but the instructions give the agent broad discretion to load and then adopt the behavior found in those files. If SOUL.md files contain instructions that trigger network calls, shell commands, or secrets exposure, the agent could perform actions beyond what the user expects. The SKILL.md does not declare or limit what the SOUL.md contents may contain.
Install Mechanism
This is an instruction-only skill with no install spec and no external downloads. That minimizes disk-writing/install risk.
Credentials
The skill declares no environment variables or credentials, and no sensitive external credentials are requested. This is proportionate to the stated purpose of selecting and loading local role files.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request permanent inclusion or system-wide configuration changes. The main privilege is file access to a local directory (which the SKILL.md relies on).
What to consider before installing
This skill will search and read files from ~/.openclaw/agency-agents/ and then adopt the behavior described in each role's SOUL.md. Before installing or enabling it: (1) Inspect the contents of ~/.openclaw/agency-agents/ and review any SOUL.md files for unexpected commands, external endpoints, or instructions that could leak data or trigger actions; (2) Ensure the directory and files are owned/trusted and have restrictive permissions; (3) If possible, run the skill in a sandbox or with limited agent permissions (no network/shell access) until you confirm the roles are safe; (4) Ask the skill author to declare required config paths (so the metadata matches runtime behavior) and to state limits on what SOUL.md can contain. If you cannot verify the role files' contents, treat the skill as higher risk.

Like a lobster shell, security has layers — review code before you run it.

latestvk970zyjqynsw94k6rk72b0ckvn83s869

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments