Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
4skill
v1.0.0Create and manage Product Requirements Documents by defining user stories with acceptance criteria, ordering tasks by dependencies, and tracking progress.
⭐ 0· 56·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (PRD authoring and tracking) align with the included JSON schema, templates, and workflows. However the references and runtime instructions assume the skill will invoke external agent CLIs (e.g., claude, opencode), perform git worktree operations, and commit code — capabilities consistent with 'implementing stories' but not explicitly declared (no required binaries, no required env vars, no config paths). The omission of expected requirements (agent CLI availability, git access) is noteworthy.
Instruction Scope
SKILL.md and references instruct agents to read and update prd.json and progress.txt (expected) but also recommend running persistent agent loops (example: while :; do claude --print --dangerously-skip-permissions ...) and to auto-checkout/create git branches and commit code. The explicit use of a --dangerously-skip-permissions flag and an infinite unattended loop grants wide autonomous power outside the skill metadata and is out-of-scope for a simple PRD authoring skill.
Install Mechanism
Instruction-only skill with no install spec and no code files; nothing is written to disk by the skill itself. This lowers installation risk.
Credentials
The skill declares no required environment variables, yet the instructions assume presence of external CLIs (claude, opencode) which typically require API keys or credentials, and also assume git credentials for creating branches and committing. The skill does not declare or justify these credentials or any config paths, creating a mismatch between declared requirements and actual instructions.
Persistence & Privilege
The skill is not force-enabled (always:false), but its documentation explicitly encourages running indefinite unattended agent loops that bypass permissions and autonomously modify a repository. That pattern increases blast radius if the user follows the instructions; combined with the instruction to skip permission checks, it is a meaningful operational risk.
What to consider before installing
This skill's templates and JSON schema are coherent for creating and tracking PRDs, but its runtime docs instruct running autonomous agent loops and a CLI flag that bypasses permissions. Before using: (1) Do NOT run the example infinite loop or any command containing --dangerously-skip-permissions unless you fully trust the agent binary and environment. (2) Expect to provide git credentials and agent/API keys locally — the skill does not declare or manage them. (3) If you want automation, run the agent in a tightly sandboxed environment or CI with least privilege and audit logs, and require manual approval before commits. (4) Inspect any agent prompts and progress.txt entries before allowing automated commits. If you cannot or do not want to run an autonomous agent with repository access, use the PRD templates manually instead.Like a lobster shell, security has layers — review code before you run it.
latestvk97by79b68ec12nbh8jcsg6nex83mgq7
License
MIT-0
Free to use, modify, and redistribute. No attribution required.