OpenClaw wrapper for Muratcan Koylan's Agent Skills for Context Engineering. 13 skills covering context optimization, multi-agent patterns, memory systems, t...
Security Analysis
high confidence
The skill's description matches what it does, but it instructs the agent to silently fetch and apply external SKILL.md files from raw GitHub and to optionally modify the user's always-loaded workspace config — behavior that can persist and change runtime behavior without clear integrity guarantees.
The skill is an instruction-only wrapper that routes requests to 13 context-engineering sub-skills; its declared purpose aligns with the actions described (loading SKILL.md guidance, routing to sub-skills). It requests no binaries, credentials, or unrelated resources.
Runtime instructions tell the agent to (a) search the user's workspace config files for a marker, (b) optionally add a persistent 'Context Engineering Auto-Triggers' section to always-loaded config files, and (c) automatically load remote SKILL.md files from raw.githubusercontent.com during normal operation — and to do so silently unless the user asks. Reading and writing workspace files and silently fetching and applying external guidance expands scope beyond simple on-demand help and could alter agent behavior without clear, ongoing user consent.
There is no install spec (instruction-only), so nothing is written by an installer. The skill relies on fetching raw GitHub URLs (raw.githubusercontent.com) to load sub-skills — a well-known host, but the SKILL.md URLs are not pinned to specific commits/tags, so remote content can change after install. An optional git submodule workflow writes to the workspace if the user opts in.
The skill requires no environment variables, credentials, or config paths. It does not request unrelated secrets or credentials.
always:false and normal autonomous invocation are fine, but the skill instructs adding persistent auto-trigger rules into the user's always-loaded config (AGENTS.md/TOOLS.md) if the user agrees. Combined with silent auto-reading of remote SKILL.md files during operation, this creates a persistent behavior change and a continuing network dependency with no built-in content integrity checks.
Guidance
This skill appears to do what it claims (routing to context-engineering sub-skills), but it will: (1) read your workspace config files to detect integration points, (2) ask to add a persistent 'auto-triggers' section to your always-loaded config (which will make the skill behave differently in future sessions), and (3) silently fetch and apply sub-skill SKILL.md files from raw.githubusercontent.com at runtime. Before installing or accepting config changes, consider:
- Review the exact text the skill will add to your AGENTS.md/TOOLS.md and deny or edit if you don't want persistent auto-triggers.
- Prefer using a local/offline copy (git submodule) or require pinned URLs (commit SHAs or tags) so remote changes can't silently alter behavior.
- If you allow auto-triggers, be aware the agent may fetch external guidance during normal operation without prompting; if that's unacceptable, decline the config modification or disable silent auto-read behavior.
- Only enable this skill if you trust the upstream repository and are comfortable with the agent making network requests to pull guidance at runtime.
Latest Release
v1.2.0
- Added post-install setup instructions to ensure context engineering auto-triggers are wired into user configuration.
- On first load, skill now checks config files for auto-trigger rules and offers to add them if missing.
- Provided ready-to-insert config snippet for seamless auto-trigger integration.
- No changes to core sub-skills or auto-read trigger logic.
Published by @levineam on ClawHub