Safety Report

Context Engineering (Koylan)

Name: Context Engineering (Koylan)
Author: levineam

Comprehensive context engineering guidance for AI agent systems. Routes to specialized sub-skills for production agent work. Use when the user asks to: "opti...

81Downloads

0Installs

0Stars

1Versions

E-Commerce1,690 DevOps & Infrastructure1,045 Design & Prototyping842

Security Analysis

high confidence

Clean0.08 risk

The skill is an instruction-only router that loads sub-skill SKILL.md files (preferentially local, otherwise from a public GitHub raw URL); its requirements and behavior are coherent with its stated purpose.

Feb 28, 20262 files2 concerns

Purpose & Capabilityok

The skill's name and description claim routing to sub-skills and guidance about context engineering; the SKILL.md only requires reading sub-skill SKILL.md files (local or from raw.githubusercontent.com). No unrelated credentials, binaries, or installs are requested—this is proportionate to the stated purpose.

Instruction Scopenote

Runtime instructions tell the agent to read local SKILL.md files if present or fetch them from GitHub raw URLs when absent, and to load reference files progressively. This is appropriate for a documentation/router skill, but it does give the agent network fetch capability at runtime and the ability to read files under references/context-engineering-skills/. The SKILL.md also suggests an optional git submodule update command for offline use (which would modify the workspace if executed).

Install Mechanismok

No install spec or code files are present. The skill is instruction-only and does not download or extract archives itself, so there is no installer risk in the skill bundle.

Credentialsok

The skill declares no environment variables, credentials, or config paths. This is appropriate for a documentation-routing skill.

Persistence & Privilegenote

always:false and no special privileges are requested. The only persistence-related action suggested is an optional git submodule update that would write files into the workspace; that action is not required for normal operation but would give the skill a local copy of upstream content if executed.

Guidance

This skill is coherent and appears to only load documentation from local files or from public GitHub raw URLs. Before installing or enabling autonomous use, consider: (1) Trust the upstream repository and author—remote SKILL.md content can change; if an attacker modifies upstream files the agent could load malicious instructions. (2) If you need to eliminate network risk, initialize and pin a local submodule or vendor a snapshot of the repository (prefer a fixed commit). (3) Be cautious about executing the optional git submodule update or any shell commands that appear in fetched SKILL.md files—these would modify local workspace files. (4) No credentials are requested by this skill. If you want lower blast radius, restrict autonomous invocation or review fetched SKILL.md content before allowing the agent to act on it.

Latest Release

v1.0.0

Initial publish: OpenClaw wrapper for Muratcan Koylan's Agent-Skills-for-Context-Engineering, with 13 sub-skills covering context optimization, memory systems, multi-agent patterns, evaluation, and more.

More by @levineam

qmd External Knowledge Base Search

5 stars

Rule Creation

0 stars

Agent Skills Context Engineering

0 stars

lastXdays

0 stars

self-improving-agent

@pskoett · 1,456 stars

Gog

@steipete · 672 stars

Published by @levineam on ClawHub