ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Auto Workflow 1.0.0

v1.0.0

Builds automation workflows from repetitive tasks. Use when user mentions "automate", "save time", "reduce manual work", or has repeated tasks.

0· 44·1 current·1 all-time
by@zhangyingzhuangk
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description match the instruction content: the skill is an instruction template for turning repeated tasks into workflows and scripts. However, the SKILL.md implies generating and executing scripts and collecting 'system state' while the skill declares no required binaries, config paths, or environment access — a mismatch between suggested capabilities and declared requirements.
!
Instruction Scope
The instructions explicitly tell the agent to '直接做,不等用户要求' ('do it directly, don't wait for the user') and to 'collect data (system state)' in examples. That gives the agent broad discretion to build and run automations and to read system state without explicit user approval or defined limits. It lacks any requirement to obtain user consent, minimize scope, or avoid sensitive data.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest risk from installation because nothing is written to disk by the skill itself.
Credentials
No environment variables, credentials, or config paths are requested (proportionate on paper). But the documented behavior (generating/executing scripts, reading 'system state') would typically require file or system access; those accesses are not declared or constrained, creating ambiguity about what permissions are actually needed/used.
Persistence & Privilege
The skill is not forced-always and is user-invocable; model invocation is allowed (the platform default). The main concern is the SKILL.md's directive to act proactively — combined with agent autonomy this increases risk, but the skill itself does not request persistent presence or cross-skill configuration changes.
What to consider before installing
This skill is an instruction template that tells the agent to detect repetition and immediately build/execute automations and to 'collect system state.' Before installing, confirm how your agent/platform enforces user consent and execution permissions: ensure the agent cannot run scripts or read files without explicit authorization, and require the skill to document exactly what data it will access and to ask for user approval before executing any automation. Ask the author to add explicit consent/confirmation steps, scope limits (what paths or systems it may read), and a safe sandbox for test runs. Because the SKILL.md encourages proactive action, treat it as higher-risk unless you control the agent's runtime permissions.

Like a lobster shell, security has layers — review code before you run it.

latestvk97b48h89h86pcyj6z10f26y1d84vzj3

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments