Request Approval
v1.0.0Use Preloop's request_approval tool to get human approval before risky operations like deletions, production changes, or external modifications
⭐ 1· 2k·5 current·5 all-time
by@yconst
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (requesting human approval before risky operations) matches the instructions and examples. Required resources (a configured Preloop MCP server and an API token in agent configuration) are exactly what this capability needs; there are no unrelated environment variables, binaries, or config paths requested.
Instruction Scope
SKILL.md limits its behavior to: gather context about intended risky operations, call the request_approval tool, wait for human decision, then act (or not) based on approval. Example commands (ls, rm -rf, gh pr create, npm install, run migrations) are shown only as the operations that would be gated by approval. The instructions do not ask the agent to collect or exfiltrate data outside this approval flow.
Install Mechanism
There is no install spec (instruction-only), which is low risk. One setup example includes configuring the agent to run an `npx` command ("npx -y @modelcontextprotocol/server-everything") to provide MCP transport; that step would cause runtime download and execution of npm package code if followed, so administrators should review/approve that action in environments that disallow remote code installs.
Credentials
The skill declares no required env vars and does not demand unrelated credentials. Setup docs explain storing a Preloop API token in the agent's MCP configuration (Authorization header), which is proportional for a tool that communicates with an external approval service. The skill itself does not attempt to read or exfiltrate other environment variables or secrets.
Persistence & Privilege
The skill is not always-enabled (always:false) and does not request elevated or system-wide persistence. It does not instruct modifying other skills' configs. Model invocation is allowed (default) which is normal for a skill designed to be called by agents.
Assessment
This skill appears to be what it says: an instruction-only policy for using a Preloop approval tool. Before installing, verify you trust the Preloop endpoint (https://preloop.ai or your self-hosted URL) and the skill author. Note the setup guidance may suggest running `npx` to provide MCP transport — avoid running that in locked-down environments without review because it downloads and executes code. Ensure an appropriate approval policy and approvers are configured in Preloop, and confirm any API token used is stored only in your agent's MCP config (not copied into public places). If you want higher assurance, ask the skill author for: (1) a canonical source repository or homepage, (2) a maintainer identity you trust, and (3) confirmation that the agent configuration steps are optional (i.e., you can use an existing, vetted MCP transport instead of running npx).Like a lobster shell, security has layers — review code before you run it.
approvalvk975qqvayrxxze3jt3b3r6fa01809zs3latestvk975qqvayrxxze3jt3b3r6fa01809zs3preloopvk975qqvayrxxze3jt3b3r6fa01809zs3safetyvk975qqvayrxxze3jt3b3r6fa01809zs3
License
MIT-0
Free to use, modify, and redistribute. No attribution required.