ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Effect Operations

v0.0.2

AEO — Agent 效果运营平台。自动发现 Agent 效果漂移、诊断根因、运行 AI 数据闭环工具链,给出 AI 效果优化方案。Measure agent performance, attribute outcomes, track quality trends, optimize cost, and mo...

0· 11·0 current·0 all-time
byyuchangxu@yuchangxu1989-openclaw
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The name/description describe a full 'Agent Effect Operations' platform (monitoring, root-cause diagnosis, data-loop tooling, cost/SLA optimization). Yet the skill declares no dependencies, no environment variables, no config paths, and includes only a brief metadata description. A real implementation would normally require access to agent logs/metrics, storage, external APIs, or credentials; those are absent, making the stated purpose implausible as-is.
Instruction Scope
SKILL.md contains only a name and description and provides no runtime instructions, commands, or endpoints. That means the skill currently does nothing operationally — which is safe but also inconsistent with the functionality it advertises.
Install Mechanism
No install spec and no code files are present, so there is nothing to write to disk or execute. From an install-perspective this is low risk.
!
Credentials
The skill requests no credentials or environment variables despite promising integrations that normally require access to logs, metrics backends, or cloud services. This mismatch could mean the skill is unfinished or that necessary access will be requested later in an unexpected way.
Persistence & Privilege
The skill does not request always-on presence and uses default invocation settings. It does not declare any privilege to modify other skills or system-wide settings.
What to consider before installing
This skill's description promises substantial monitoring and optimization features but the package contains only a short description and no runtime instructions, installs, or credential requests. That usually means the skill is incomplete or a placeholder. Before installing or enabling it: (1) ask the publisher for a full SKILL.md describing exactly what it will read, what services/endpoints it calls, and what credentials it needs; (2) refuse to provide any secrets until you see a concrete implementation and a trustworthy source; (3) prefer skills that declare the minimal, specific env vars and APIs they need; and (4) if code is later added, review it (or request a security review) to confirm it does only what it claims. Because of the mismatch, treat this package as non-functional or unfinished rather than immediately useful.

Like a lobster shell, security has layers — review code before you run it.

latestvk972ycynhevv1qp8yhx33wd84h855dab
11downloads
0stars
2versions
Updated 46m ago
v0.0.2
MIT-0
yuchangxu@yuchangxu1989-openclaw
latest
Download

Agent Effect Operations

Comments

Loading comments...