ClawHub

SOTA Agent

v1.2.3

Public ClawHub skill for SOTA-focused CV and DS campaigns across OpenClaw notebooks, GUI-heavy workflows, and GPU VMs.

0· 112·0 current·0 all-time
by@zack-dev-cm
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (SOTA campaign management) matches the delivered artifacts: many helper scripts to initialize campaigns, candidates, leaderboards, browser run cards, VM bootstrap manifests, and render summaries. Required binaries (python3/python) are proportional to these tasks.
Instruction Scope
SKILL.md instructs the agent to run the bundled Python scripts and to confine outputs to a campaign workspace. The instructions explicitly warn about not leaking secrets and to sanitize browser/CDP endpoints. There are no instructions to read unrelated system files, access secrets, or call external endpoints beyond creating local artifacts.
Install Mechanism
There is no install spec (instruction-only), which minimizes install-time risk. However, the package includes ~16 Python scripts that will be run locally when invoked; users should inspect them before running. No downloads from external URLs or package installs are declared.
Credentials
The skill declares no required environment variables or credentials. The only runtime requirement is a Python interpreter (python3/python), which is expected for these scripts. The scripts use Path.resolve()/expanduser() for local paths and call a local 'sota_public_safety' sanitizer module to avoid exposing secrets.
Persistence & Privilege
The skill does not request permanent presence (always=false) and does not declare changes to other skills or global agent config. It writes local campaign artifacts when run, which is expected for its purpose.
Assessment
This skill appears coherent and focused on scaffolding and sanitizing SOTA campaign artifacts. Before running it: (1) inspect the included scripts—especially scripts/sota_public_safety.py (sanitizers) and the two omitted files—to confirm there are no unexpected network calls or credential reads; (2) run scripts in a dedicated campaign directory (as the SKILL.md recommends) or a disposable environment; (3) prefer running under a non-privileged user / virtualenv; (4) if you will attach browser automation or VM commands that the scripts describe, verify any CDP/websocket URLs and credentials are never written to durable outputs. If you cannot review the two omitted files, treat that as unknown risk and review them before use.

Like a lobster shell, security has layers — review code before you run it.

agentic-workflowsvk97f30y61pr3efameeteafj7jh83amfmbenchmarkingvk97f30y61pr3efameeteafj7jh83amfmcolabvk97f30y61pr3efameeteafj7jh83amfmcomputer-visionvk97f30y61pr3efameeteafj7jh83amfmdata-sciencevk97f30y61pr3efameeteafj7jh83amfmgpu-trainingvk97f30y61pr3efameeteafj7jh83amfmkagglevk97f30y61pr3efameeteafj7jh83amfmlatestvk97f30y61pr3efameeteafj7jh83amfmmlopsvk97f30y61pr3efameeteafj7jh83amfmopenclawvk97f30y61pr3efameeteafj7jh83amfmreproducibilityvk97f30y61pr3efameeteafj7jh83amfm

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Any binpython3, python

Comments