ClawHub

Openclaw Agent Optimize 1.2.1

v1.0.0

Use when: you want a structured audit -> options -> recommended plan to improve an OpenClaw workspace (cost, model routing, context discipline, delegation, r...

0· 149·3 current·3 all-time
by@zhouhuihui008
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description promise a workspace audit and optimization plan for OpenClaw; the skill is purely documentation/instructions and only references editing OpenClaw config, cron patterns, and memory files — all coherent with its stated purpose.
Instruction Scope
SKILL.md and the reference docs are advisory and repeatedly instruct not to apply persistent changes without explicit approval. They do reference reading/writing workspace files (memory/*.json, memory/*.md, memory/delegation_log.json) and propose exact config patches (e.g., disabling native heartbeat) — these file and config targets are expected for an optimizer, but any user should verify proposed diffs and backups before applying them.
Install Mechanism
There is no built-in install spec (instruction-only, lowest risk). README suggests installing via `npx clawhub install ...` or manual copying; that external npx install is outside the skill bundle and would pull code from ClawHub/npm at runtime — validate that source before running npx. The skill itself does not embed downloads or arbitrary install scripts.
Credentials
The skill requests no environment variables, no credentials, and no config paths beyond workspace-local files (memory/, references/, cron definitions). There are no disproportionate secret or credential requests.
Persistence & Privilege
always:false (not forced), and model invocation is allowed (normal). The skill can generate config/cron change proposals and exact patches; this is appropriate for its role but means you should not grant the agent permission to apply changes automatically without review. Autonomous invocation combined with user approvals could lead to persistent changes — the docs explicitly require approval before application.
Assessment
This skill is advisory and internally consistent with its stated goal. Before installing or acting on its recommendations: 1) review any exact config/cron patches it proposes and run them in a test/isolated session first; 2) backup your workspace (memory/, cron configs, and skill files) so you can rollback; 3) verify diffs and rollback steps the skill produces before applying changes; 4) if you run the suggested `npx clawhub install` command, confirm the ClawHub package/source you’re installing; and 5) do not grant the agent automatic permission to apply changes — require explicit approval for each persistent mutation. If you want deeper assurance, ask the skill to output a dry-run diff and a checklist of the exact files it will modify.

Like a lobster shell, security has layers — review code before you run it.

latestvk97en9xsyvdaegcnyka2teepd983jxhs

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧰 Clawdis

Comments