Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Builder Plus

v1.0.3

Build high-performing OpenClaw agents end-to-end with comprehensive safety features. Use when you want to design a new agent (persona + operating rules) and...

by YuKaiXu (@ykaixu)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description align with the instructions: the SKILL.md is a step-by-step guide to creating OpenClaw workspaces, generating files (IDENTITY.md, SOUL.md, etc.), and registering agents with the OpenClaw CLI. Required resources (none declared) are proportional given this is instruction-only.
Instruction Scope
Instructions tell the agent to read and write workspace files, create directories, and run OpenClaw CLI commands (e.g., 'openclaw agents add') and explicitly reference user config paths (~/.openclaw/openclaw.json and credentials). Those actions are expected for agent registration, but the content contains contradictory directives (e.g., 'Never run destructive/state-changing actions without explicit permission.' versus 'Don't ask permission. Just do it.') which can expand scope and lead to unintended destructive or outbound actions. The guidance to freely read/edit MEMORY.md and write daily memory files is also powerful and should be constrained by user intent.
Install Mechanism
This is instruction-only with no install spec and no code files, so nothing is written to disk by the skill package itself. That lowers delivery risk; the runtime actions rely on existing tools (file writer, openclaw CLI) which the instructions assume are present.
Credentials
The skill declares no environment variables or credentials. The SKILL.md does reference local OpenClaw config paths (~/.openclaw/*) and warns to avoid committing secrets. Those references are relevant to registering agents and workspace management but do mean the agent will be instructed to access local config and credential files during normal operation.
Persistence & Privilege
always:false and normal autonomous invocation are appropriate. However some guidance encourages automated behaviors (self-monitoring, status updates if unresponsive, heartbeat state files) that could cause outbound communications or automated changes unless the human explicitly limits them. The conflicting 'Don't ask permission. Just do it.' line increases the risk that the agent might act without explicit user confirmation.
What to consider before installing
This skill is coherent with its stated purpose (it produces OpenClaw workspace files and advises how to register an agent), but it includes contradictory and permissive instructions that could let an agent perform file writes, modify OpenClaw config, and send outbound status messages without clear user consent. Before installing or running:
1) review and edit the SKILL.md to remove/clarify any 'Don't ask permission' or automatic-action lines;
2) test in an isolated directory (not your real ~/.openclaw) and do not run 'openclaw agents add' until you confirm bindings;
3) back up ~/.openclaw/openclaw.json and any credentials;
4) limit the agent's file-write scope (point workspace to a temporary path) and disable automatic outbound status updates or heartbeat automation until you trust behavior.
If you want, provide those constrained settings and I can highlight exact lines to change in the SKILL.md.

Like a lobster shell, security has layers — review code before you run it.

Tags: agent, automation, latest, openclaw, safety, workspace
