Help users with [FEATURE]: 工具操作前置安全校验(edit/write/shell 防护). Use when a user asks for creative-and-content, feature, edit, write, shell, or needs a practical...
Security Analysis
high confidenceThis skill does not show malware or data theft, but it can be invoked very broadly for edit, write, and shell-related work without clear safety boundaries.
The stated purpose is pre-operation safety validation for edit/write/shell actions, but the actual workflow is a generic creative/workflow/code-support template and does not define concrete shell or file-edit safety checks.
The description and trigger list include broad words such as feature, edit, write, shell, checked, existing, issues, and found, making accidental activation likely for unrelated coding or writing tasks.
The package consists only of SKILL.md, a reference markdown file, and agents/openai.yaml; there are no install scripts, dependencies, binaries, or package-manager hooks.
Implicit invocation is enabled for a skill that claims to affect edit/write/shell workflows, but the artifacts do not provide enough scoping or user-control guidance for those sensitive contexts.
No persistence, credential handling, background workers, network access, or privilege escalation behavior is present in the artifacts.
Guidance
Review before installing. The skill appears non-destructive and VirusTotal/static scans are clean, but it is broadly auto-invokable and under-scoped for shell and file-editing safety. Install only if you are comfortable with it influencing general edit/write/shell requests, or narrow its triggers and disable implicit invocation first.
Latest Release
v0.1.1
- Renamed the skill from "create-feature-edit-write-shell" to "shell-editing-workflow-helper" throughout documentation and triggers. - Updated example trigger sentences to use the new skill name. - Removed the file skill-card.md. - Minor adjustments in metadata for consistency.
Popular Skills
Published by @kyro-ma on ClawHub
