Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
tinker-rlskill
v1.0.1Use this skill whenever the user mentions Tinker, tinker CLI, training runs, checkpoints, model fine-tuning with Tinker, tinker-cookbook, tinker recipes, or...
⭐ 0· 55·0 current·0 all-time
byLess@zjrwtx
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill's stated purpose (Tinker CLI/SDK/cookbook guidance) matches the included docs, but the SKILL.md instructs use of an API key, local config (~/.tinker/config.json), and interactions with Hugging Face / W&B. The skill metadata declares no required env vars or config paths; that mismatch is unexplained and disproportionate to an instruction-only cheat sheet.
Instruction Scope
SKILL.md tells the agent to read/check environment variables (TINKER_API_KEY), read/write ~/.tinker/config.json, run CLI commands, clone/pull Git repos, and pip-install packages. Those runtime actions involve accessing user config, network, and filesystem beyond mere in-chat help. The instructions also reference authenticating to Hugging Face and W&B (tokens) and checking network endpoints — all of which broaden the skill's runtime scope without being declared.
Install Mechanism
There is no install spec in the registry (instruction-only), which is lower risk. However the runtime doc instructs commands that will install code (pip install/--upgrade tinker, git pull + pip install -e .) and manipulate local files. The doc uses an unusual 'uv pip' invocation (likely a platform wrapper) — confirm what tool 'uv' is before running these commands.
Credentials
The metadata lists no required environment variables or config paths, yet the instructions explicitly require/describe TINKER_API_KEY (env or ~/.tinker/config.json) and describe authenticating to Hugging Face and W&B. Declaring no credentials while instructing the agent to access secrets and config files is a proportionality mismatch and should be fixed or explained.
Persistence & Privilege
The skill does not request 'always: true' and is user-invocable; there is no declared persistent system privilege. The instructions do suggest writing a local config file (~/.tinker/config.json) and installing packages if followed, but the registry does not auto-grant persistent privileges.
What to consider before installing
This skill is primarily a Tinker CLI/SDK cheat-sheet and cookbook reference, which is reasonable — but its runtime instructions expect you (or an agent) to: set or read TINKER_API_KEY, create/read ~/.tinker/config.json, run pip install and git pull, and authenticate to Hugging Face or W&B. The registry metadata lists no required env vars or config paths, which is inconsistent. Before installing or letting an agent run these commands: 1) Verify the skill source and the referenced GitHub repos yourself; 2) Confirm what 'uv pip' means in your environment; 3) Only provide API keys (TINKER_API_KEY, HF token, W&B key) if you trust the code and the exact commands being run; 4) Prefer to run installation and authentication steps manually in a controlled environment (not via an autonomous agent); 5) Ask the skill author/maintainer to declare required env vars and config paths in the registry and to avoid vague instructions that access user configs. These mismatches are not proof of malicious intent, but they are a clear coherence problem you should resolve before giving the skill access to secrets or running its install steps.Like a lobster shell, security has layers — review code before you run it.
latestvk977ycbhcpp0pajbevf9ydsm4983q9cg
License
MIT-0
Free to use, modify, and redistribute. No attribution required.