Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

7skill

v1.0.0

Create and manage Product Requirements Documents (PRDs) with user stories, acceptance criteria, and prioritized task tracking for feature implementation.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description (PRD creation and management) aligns with the files and instructions: the skill is instruction-only and tells agents to create/edit agents/prd.json, produce user stories, run checks, and update progress. There are no unrelated required binaries, env vars, or config paths.
Instruction Scope
SKILL.md and references explicitly instruct autonomous agents to read the repo, checkout/create branches, implement code, run typechecks/tests, commit changes, and mark stories complete. The agent-usage examples include a persistent loop using 'claude --print --dangerously-skip-permissions' which bypasses permission prompts — this grants an agent broad autonomous write/execute capability over a codebase and is beyond a passive PRD authoring tool. While these actions are coherent for an 'AI-implementing-PRD' workflow, recommending permission-skipping unattended loops is a safety concern.
Install Mechanism
No install spec and no code files (instruction-only). This minimizes disk footprint and supply-chain risk: nothing is downloaded or executed by the skill itself.
Credentials
The skill declares no required environment variables or credentials, which is proportionate. However, the instructions rely on external agent CLIs (e.g., claude, OpenCode) that in practice may need API keys/credentials — the skill does not request or document these, leaving the user to supply them. That omission is not necessarily malicious but means credential handling happens outside the skill and should be audited by the user.
Persistence & Privilege
always:false and the skill does not request system-wide changes or modify other skills. Still, it encourages running a persistent agentic loop that continually modifies a repo; autonomous invocation combined with the permission-bypass example increases blast radius if run without proper safeguards.
What to consider before installing
This skill is coherent with its PRD purpose, but pay attention to the runtime instructions recommending unattended agent loops and use of '--dangerously-skip-permissions'. Before installing or running:
- Do not run the suggested unattended loop against a production repository. Test in a disposable clone/worktree or sandbox.
- Avoid using '--dangerously-skip-permissions' or any option that silences user consent; require manual approval for each agent action until you trust behavior.
- Ensure any agent CLI (claude, OpenCode) credentials are stored and scoped appropriately; the skill does not request or manage credentials.
- Review and approve every commit produced by the agent (use code reviews or gating CI) before merging or pushing.
- Limit network access and secrets available to the environment running the agent; remove keys not needed for the test run.

If you want a lower-risk setup: run agents manually per-story (human-in-the-loop) rather than using the persistent unattended loop. If the skill had bundled code that executed these loops or requested unrelated credentials, the assessment would be more severe; as-is, the primary concern is the recommended permission bypass and unattended automation.


latest: vk976v471rbjpse4yzm19yw4e6d83n20k

