Skill Fix Workflow

Automatically extracts and stitches sequential skills into a configurable, exception-handled workflow saved as an automated program.

This skill appears to do what it says (extract call sequences and write a stitched Python program), but review a few things before using it: - The joiner writes code files to ./fixed_tasks and logs to ./task_logs. Expect files to be created on disk; check and clean these folders if you want to avoid persisted artifacts. - The generated program contains placeholder functions (e.g., skill_fetch_data, tool_file_save). Running the program without implementing or importing real implementations will either fail or do nothing. Carefully implement and inspect those functions before running. - I found an implementation inconsistency: generated code imports output_screen, output_file, output_api, output_web, but output_handler.py provides an OutputHandler class and helper functions (create_output_handler/get_output_function_code) rather than top-level output_* functions. That will likely cause runtime errors until corrected — it is not evidence of exfiltration but is a bug you should fix before running generated programs. - The code does not request credentials or make network calls itself (API output is currently simulated). However, once you implement the placeholder functions or change output behavior, the generated program could perform network I/O. Audit any implementations you add for network endpoints, credentials, and data-sending logic. Recommended actions: 1) Inspect the generated program (open ./fixed_tasks/<topic>.py) before execution. 2) Run generated code in an isolated environment (container or VM) until you confirm its behavior. 3) Implement placeholder functions with safe, audited code and add explicit checks for any network calls or credentials. 4) If you expect API output, verify the destination URL and authentication before enabling it. Confidence note: I am confident this skill is not clearly malicious, but the implementation inconsistencies and ability to write executable files to disk justify caution; more information (author/source, tests showing corrected output functions) would raise confidence to high.

Type: OpenClaw Skill Name: skill-fix-workflow Version: 1.0.0 This skill bundle implements a 'workflow fixation' tool that extracts tool calls from conversation history and generates executable Python scripts in the `fixed_tasks/` directory. It is classified as suspicious because it performs automated code generation and file writing (`joiner.py`) without sufficient escaping of user-controlled string parameters in the `_python_repr` and `_format_call_params` functions, which could lead to code injection in the generated scripts. Furthermore, the bundle includes infrastructure for data exfiltration via API (`output_handler.py`) and an autonomous 'resource replacement' mechanism (`exception_wrapper.py`) that, while currently containing placeholders, represents a high-risk capability if fully implemented or exploited.