Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenClaw Centralized Configuration Management System

v1.2.0

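Build a centralized configuration management system for OpenClaw: no more hard-coded values or scattered configuration, with a modern operations experience of "change it in one place, apply it everywhere". Includes core features such as a configuration loader, main configuration merging, memory sync, an AGENTS.md template, memoryFlush, memorySearch, multi-agent configuration, and ClawRouter cost optimization.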

by wh1ko@zoopools
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name, description and all included templates/scripts are consistent with a centralized OpenClaw configuration management system (config loader, generate-main-config, memorySync, AGENTS/SOUL templates, ClawRouter integration). The files and commands referenced (jq, sed, openclaw gateway restart, config paths under ~/.openclaw and workspaces) all match the stated goal.
! Instruction Scope
SKILL.md instructs the agent/user to read/write many local config and workspace files (e.g., ~/.openclaw, ~/agents/writer/SOUL.md) which is expected, but it also recommends executing a remote installer via `curl -fsSL https://blockrun.ai/ClawRouter-update | bash` and to interact with remote APIs (SiliconFlow bge-m3). AGENTS.md includes conflicting guidance — 'Don't ask permission. Just do it.' — which could encourage agents to act without human confirmation. These items expand the trust surface and merit review.
! Install Mechanism
The skill has no formal install spec (instruction-only), which is low-risk in itself, but the provided runtime instructions explicitly recommend running an external one-line installer (curl|bash) and Docker/`git clone` flows for ClawRouter from third-party domains (blockrun.ai, blockrun/clawrouter). A curl|bash install from an external domain is a high-risk action unless you have verified the source; the skill also references downloading/running containers and wallets (crypto) which require extra caution.
Credentials
The package does not declare required environment variables, which matches the instruction-only nature, but templates and instructions show that users will put sensitive secrets into local config files (channels/feishu.json, clawrouter.json, SiliconFlow API keys, bot tokens). These credentials are relevant to the described integrations, so the request is proportionate — but the skill relies on users storing secrets in files rather than strongly recommending safer alternatives (env vars or secret stores).
Persistence & Privilege
always:false and no install spec indicates the skill does not request permanent elevated presence. However, AGENTS.md contains guidance that could be interpreted as encouraging an agent to act without asking ('Don't ask permission. Just do it.'), which is a policy/behavior concern rather than a technical privilege request. Autonomous invocation is allowed by default on the platform; combine that with the agent-directed 'act without asking' phrasing and you should be careful about enabling autonomous actions that transmit data or perform destructive operations.
Scan Findings in Context
[no_regex_findings] expected: Static regex scanner found nothing — expected because this is an instruction-only skill (no code files). Lack of findings does not imply safety; the runtime instructions contain network/installer recommendations that are high-risk in practice.
What to consider before installing
This skill is largely coherent with being a configuration center, but review these before installing/using:

1) Do NOT run curl|bash installers from an unverified domain without checking the upstream project (prefer Docker images from a verified registry or cloning the official GitHub repo and reviewing code).
2) Inspect templates that will hold secrets (feishu.json, clawrouter.json, memory config) and prefer environment variables or a secrets manager instead of plaintext files; ensure .gitignore is in place.
3) Back up existing ~/.openclaw configs before copying templates or running generate-main-config.sh.
4) The AGENTS.md line 'Don't ask permission. Just do it.' is ambiguous and could lead agents to perform actions without confirmation — if you enable autonomous agents, restrict actions that send data externally or modify system state without explicit user consent.
5) If you plan to enable ClawRouter or SiliconFlow integration, verify the vendor domains (blockrun.ai, siliconflow.cn) and their authenticity and audit any installer scripts before executing them.

If you want, I can: (a) extract every command the skill would run so you can review them; (b) produce a checklist of exact secrets/files to protect; or (c) suggest safer alternatives to the curl|bash installer steps.

Like a lobster shell, security has layers — review code before you run it.

Tags: chinese, clawrouter, config, cost, latest, management, memory, modular, multi-agent, openclaw, optimization, routing
