ClawHub

CS Coordinator agent

v0.1.1

Lightweight CS and engineering issue triage with skeleton-first intake, conservative severity/category routing, ownership recommendation, no-response follow-...

0· 33·0 current·0 all-time
by@yonghyeokrhee
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description describe CS/engineering triage; the skill is instruction-only and asks only for building issue skeletons, classifying, recommending owners, and optionally writing to a tracker or local log — all consistent with a coordinator/triage role.
Instruction Scope
SKILL.md contains concrete triage rules, output shapes, and optional patterns for either an issue tracker or local JSONL/markdown logs. It does not instruct the agent to read unrelated system files, exfiltrate data, call arbitrary external endpoints, or access credentials. It does recommend writing to trackers or local files, which is expected for its purpose.
Install Mechanism
No install spec and no code files are included (instruction-only), so nothing will be downloaded or written by the skill itself during install.
Credentials
The skill declares no required environment variables, credentials, or config paths. The mentions of trackers (e.g., Linear) are advisory; the skill does not itself request/provide credentials.
Persistence & Privilege
always is false and the skill does not request persistent elevated privileges. It suggests writing durable records to an issue tracker or local log, which is appropriate for its role, but those external systems would require explicit credentials supplied separately by the user/runtime.
Assessment
This skill is instruction-only and internally coherent for triage work, so technical risk from the skill itself is low. Before enabling it in a live agent: (1) be mindful of customer data sensitivity — the outputs include customer identifiers and payment/order references, so only run in environments where those logs are allowed; (2) do not supply tracker credentials (e.g., Linear API keys) unless you trust the agent/runtime and understand what actions it will take in your tracker; (3) if you use the suggested local log option, ensure the agent runtime’s filesystem permissions and retention policies meet your privacy/compliance needs; (4) review the agent’s runtime prompts and integration settings to confirm it won’t be granted broader system/network access than intended. If you want stronger assurance, request a version that explicitly documents how it will authenticate to trackers and a manifest of exactly what files/paths it will read or write at runtime.

Like a lobster shell, security has layers — review code before you run it.

latestvk970340pv60w27g3rr6zrd5ghs84va97

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments