Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Auto Workflow 1.0.0 (1)
v1.0.0Builds automation workflows from repetitive tasks. Use when user mentions "automate", "save time", "reduce manual work", or has repeated tasks.
⭐ 0· 43·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name and description align with the SKILL.md: the skill is about building automations. However, the instructions explicitly mention collecting data (e.g., '系统状态') and producing '执行脚本' (execution scripts) — activities that normally require filesystem/command access or credentials. The skill declares no required binaries, env vars, or config paths, so the implied need for system access is not documented.
Instruction Scope
SKILL.md instructs the agent to treat repetition as a trigger to '直接做,不等用户要求' (do it immediately rather than waiting for user request). It also prescribes generating automation and execution scripts and collecting system data in examples. These are broad runtime actions (read system state, write/execute scripts) but the instructions lack limits, explicit consent steps, or safe-handling guidance — scope creep and potential for unauthorized actions.
Install Mechanism
Instruction-only skill with no install spec, no code files to run, and nothing written to disk by the installer. This minimizes supply-chain/install risk.
Credentials
The skill requests no environment variables, credentials, or config paths. That is consistent with the package metadata, but inconsistent with the SKILL.md's operational examples (collecting system state, creating scripts). The skill may therefore implicitly require access it does not declare.
Persistence & Privilege
The skill is allowed to be invoked autonomously (platform default). Combined with the instruction to proactively 'just do it' when repeating tasks are observed, this raises risk that the agent could autonomously create/execute automations without explicit user confirmation. The skill itself does not set 'always:true', but its guidance effectively encourages autonomous actions.
What to consider before installing
This skill is coherent in purpose but vague and potentially risky at runtime. Before installing, confirm with the author how the agent will behave: Will it merely propose automations or will it create, write, or execute scripts? Ask for explicit limits and consent steps (e.g., 'always ask before creating or running a script'), and prefer a version that documents required permissions and exactly what system data it will access. If you enable it, test in a restricted/sandboxed environment first and ensure the agent cannot execute scripts or access sensitive files without your explicit approval.Like a lobster shell, security has layers — review code before you run it.
latestvk97c719gjct540f2d7mkjf09jh84tqfw
License
MIT-0
Free to use, modify, and redistribute. No attribution required.