ClawHub

Sara: Safety Ordering Guard for AI Skills

v1.0.0

Quiet logic guard for risky multi-skill workflows. Checks order before delete, send, booking, publishing, or other high-impact actions.

0· 55·0 current·0 all-time
byZuoCen Liu@zc502
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (order-safety guard) matches the included files: a deterministic auditor (sara_core/engine.py) and a runner (scripts/run_audit.py). The aliases, rules, and examples in SKILL.md are all implemented in the engine. No unrelated capabilities (cloud, VCS credentials, etc.) are requested.
Instruction Scope
SKILL.md instructs agents to serialize a proposed tool list and run scripts/run_audit.py. The runner accepts JSON on stdin and returns a JSON audit. The instructions do not ask the agent to read unrelated files, environment variables, or send data externally; the implementation reads stdin and uses only local code.
Install Mechanism
There is no install spec; this is effectively an instruction+local Python script bundle. No downloads, package installs, or extraction from external URLs are present in the package.
Credentials
The skill declares no required env vars, credentials, or config paths. The code does not access environment variables, network endpoints, or secrets; it only manipulates sys.path to import the local sara_core module.
Persistence & Privilege
Flags are default (always:false, agent invocation allowed). The skill does not request permanent presence or modify other skills or system settings. It performs only a local, stateless audit and returns a suggested order.
Assessment
This skill appears coherent and low-risk: it runs a local Python audit and returns JSON suggesting a safer order. Before installing, confirm you trust the skill source (owner and repository unknown), ensure the runtime has a trusted Python environment, and review the included files (sara_core/engine.py and scripts/run_audit.py) yourself. Note that Sara only suggests ordering and does not enforce actions — make sure agents or humans follow the suggested_order and confirm destructive steps before proceeding. If you require stronger assurance, run the script in an isolated/test environment first.

Like a lobster shell, security has layers — review code before you run it.

calendarvk974hdsn68ahwre4xcbq3qffcn84ns34emailvk974hdsn68ahwre4xcbq3qffcn84ns34githubvk974hdsn68ahwre4xcbq3qffcn84ns34guardrailsvk974hdsn68ahwre4xcbq3qffcn84ns34latestvk974hdsn68ahwre4xcbq3qffcn84ns34logicvk974hdsn68ahwre4xcbq3qffcn84ns34orchestrationvk974hdsn68ahwre4xcbq3qffcn84ns34productivityvk974hdsn68ahwre4xcbq3qffcn84ns34publishingvk974hdsn68ahwre4xcbq3qffcn84ns34safetyvk974hdsn68ahwre4xcbq3qffcn84ns34workflowvk974hdsn68ahwre4xcbq3qffcn84ns34

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments