← Back to Skills Marketplace
432
Downloads
1
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install multi-skill-automation-suite
Description
Comprehensive automation suite combining multiple OpenClaw skills for security, development, content processing, and utilities. Includes healthcheck, git ess...
Usage Guidance
Do not install this suite yet. Ask the maintainer for: (1) source code or install scripts for 'clawhub install' and the auto-update/auto-install functions, (2) exact runtime commands the skill will run for host hardening and whether they require sudo/root, (3) which binaries (headless browser, monitoring agents) it will install and from what URLs/releases, (4) evidence the suite won't modify other skills or agent configs without explicit consent, and (5) clarification and justification for the 'AI Text Humanization / bypass detection' feature (it may be misuse). If you must test, run it in a fully isolated sandbox or VM, review the actual installer and update mechanism, and prefer a signed, well-documented release with a verifiable homepage and maintainer contact.
Capability Analysis
Type: OpenClaw Skill
Name: multi-skill-automation-suite
Version: 1.0.0
The skill bundle is classified as suspicious due to explicit instructions in SKILL.md and README.md that create significant security vulnerabilities for the OpenClaw agent. Most notably, the 'Skill Discovery' feature is described as 'Find and install new agent skills automatically', which is a direct instruction for the AI agent to perform arbitrary code execution by installing potentially malicious skills without explicit user confirmation. Furthermore, instructions for 'Host Security Hardening', 'Firewall & SSH Management', and 'Browser Automation' grant the agent broad system-level and web interaction capabilities, increasing the attack surface if the agent is compromised or misdirected through prompt injection.
Capability Assessment
Purpose & Capability
The suite claims host hardening, firewall/SSH management and system monitoring (operations that normally require elevated privileges and explicit configuration), plus automatic discovery/installation of other skills and headless-browser automation. Yet the manifest requests only git and curl and lists no config paths, no install steps, and no privilege requirements. That mismatch is inconsistent: either the skill cannot actually perform those tasks as described, or it omits required capabilities/permissions.
Instruction Scope
SKILL.md is high-level and provides no concrete runtime commands or file paths. It asserts automatic updates and 'find and install new agent skills automatically' but gives no mechanism or safeguards — this vagueness grants broad implicit discretion. Additionally, it advertises 'AI Text Humanization' to 'bypass detection systems', which is an explicit instruction to produce evasive outputs and raises ethical/misuse concerns.
Install Mechanism
This is instruction-only with no install spec or code files, so nothing will be written to disk by the skill bundle itself. That lowers direct supply-chain risk. However, the README/usage references 'clawhub install' and automatic updates; the actual installer and its source are not provided here and would need review.
Credentials
No environment variables, credentials, or config paths are requested despite capabilities that normally require them (system/root access, cloud credentials for monitoring, browser binaries). The absence of declared secrets is proportional on paper but implausible given the claimed features; lack of declared credentials makes the capability claims suspect or under-specified.
Persistence & Privilege
always:false (normal). The skill claims it will auto-install and auto-update other skills, which implies the ability to modify agent configuration or perform network installs; those privileges are not made explicit. Default autonomous invocation is allowed (disable-model-invocation:false) — combine that with the suite's claim to auto-manage skills and you have a higher blast radius if the implementation were malicious or buggy.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install multi-skill-automation-suite - After installation, invoke the skill by name or use
/multi-skill-automation-suite - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: Comprehensive automation suite with security, development, content processing, and utility skills
Metadata
Frequently Asked Questions
What is Multi-Skill Automation Suite?
Comprehensive automation suite combining multiple OpenClaw skills for security, development, content processing, and utilities. Includes healthcheck, git ess... It is an AI Agent Skill for Claude Code / OpenClaw, with 432 downloads so far.
How do I install Multi-Skill Automation Suite?
Run "/install multi-skill-automation-suite" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Multi-Skill Automation Suite free?
Yes, Multi-Skill Automation Suite is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Multi-Skill Automation Suite support?
Multi-Skill Automation Suite is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Multi-Skill Automation Suite?
It is built and maintained by BestRocky (@bestrocky); the current version is v1.0.0.
More Skills