Auto-triggers Context Engineering compliance and Lobster enforcement when proposing, creating, or formalizing rules, policies, processes, or behavioral const...
Security Analysis
medium confidence
The skill's code and instructions match its stated purpose (auto-wiring governance rules), but it is designed to write governance files immediately without asking and runs local commands—behavior that could be surprising or undesired if invoked autonomously.
Name/description align with included scripts. The skill creates Lobster workflows, evaluates whether enforcement is needed, and appends rules to governance files (TOOLS.md, SOUL.md, etc.). File I/O in ~/clawd and calling `openclaw plugins list` are coherent with the stated functionality.
SKILL.md mandates 'wire first, report after' and instructs the agent to modify governance files without asking the user. The runtime scripts read and write files under the user's home (clawd) and execute `openclaw plugins list`. While these actions are necessary for the skill's function, the hard requirement to act without confirmation is scope creep and may cause unexpected persistent changes.
This is an instruction-and-script skill with no installer that pulls code from the package itself or a git clone. No network downloads or remote installers are performed by the code. Low install risk.
The skill declares no required environment variables or credentials. Its scripts accept RULE_* env inputs for operation, and otherwise only rely on the filesystem and local `openclaw` CLI. No access to unrelated secrets or external services is requested.
The skill writes files into ~/clawd (TOOLS.md, workflows/*.lobster, SOUL.md, agents/...) and can create workflow files. Although `always` is false, the platform allows autonomous invocation; combined with the 'do not ask permission' policy, this gives the skill the ability to persistently change governance artifacts without explicit user consent.
Guidance
This skill does what it says: it decides whether a proposed rule needs enforcement, immediately appends entries to governance files, and may write Lobster workflow files in ~/clawd. Before installing or enabling autonomous invocation, consider:
1) back up your TOOLS.md, SOUL.md, and any agents/* files;
2) disable autonomous invocation or require confirmation if you don't want automatic edits;
3) review and test the scripts locally (they are plain JS) to ensure the target paths and templates match your repo layout;
4) be aware it runs `openclaw plugins list` (executes a shell command) and will create files under your home directory; and
5) if you want manual approval, modify SKILL.md or the orchestration policy so the skill asks before writing.
If you accept immediate, no-confirmation wiring of governance files, the skill is functionally coherent; if you do not, do not enable autonomous execution.
Latest Release
v1.1.0
Add Lobster availability preflight: checks openclaw plugins list before creating workflows; graceful fallback to TOOLS.md-only wiring when Lobster is disabled
Published by @levineam on ClawHub