ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Content Parser

v0.1.0

Extract and parse content from URLs. Triggers on: user provides a URL to extract content from, another skill needs to parse source material, "parse this URL"...

0· 229·1 current·1 all-time
by@0xfango
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill declares it needs a LISTENHUB_API_KEY which fits a content-extraction service, but the runtime instructions call an API at https://api.marswave.ai/... — the domain does not match the LISTENHUB name and there is no homepage or source to explain this. That mismatch (credential name vs. endpoint host) is unexpected and should be justified.
!
Instruction Scope
SKILL.md instructs the agent to call external extraction endpoints (via curl) and to create/read local config. It also mandates reading several shared files (shared/authentication.md, shared/config-pattern.md, shared/common-patterns.md) which are not included in the package. There is a direct contradiction: Setup Flow creates files under .listenhub/ but a Hard Constraint says 'Never save files to ... .listenhub/ — save to the current working directory.' These inconsistencies could cause incorrect behavior or unexpected writes.
Install Mechanism
This is an instruction-only skill with no install spec and no bundled code, so nothing will be downloaded or written by an installer step. That is the lowest install risk.
Credentials
The skill asks for a single API credential (LISTENHUB_API_KEY), which is reasonable for a hosted extraction service. However, the env var name does not match the explicit API host used in curl calls (marswave.ai), which is suspicious and should be clarified. The SKILL.md otherwise does not request additional unrelated secrets.
!
Persistence & Privilege
The skill instructs creating a local config file ('.listenhub/content-parser/config.json' or $HOME equivalent) and may write extracted content into the current directory. The contradictory guidance about never saving to .listenhub vs. creating .listenhub is alarming: the skill both instructs and forbids writing there. Persisting config and output files is plausible for this functionality but the inconsistency increases risk and should be resolved.
What to consider before installing
Don't install blindly. Before proceeding, ask the skill author (or registry owner) to clarify: (1) which API host is authoritative (is LISTENHUB backed by marswave.ai?); (2) where config and downloaded files will actually be stored (the SKILL.md both creates and forbids .listenhub); and (3) provide the missing shared files referenced (authentication.md, config-pattern.md, common-patterns.md, api-content-extract.md). If you must try it, use a throwaway/limited API key with only needed scope, run the skill in an isolated environment or container, and verify all network endpoints (DNS/IP) and files the agent writes. If the author cannot explain the domain/credential mismatch and the contradictory config instructions, treat the skill as untrusted.

Like a lobster shell, security has layers — review code before you run it.

latestvk974msp9mq545zeczj1rq89f4d82wnh6

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔗 Clawdis
EnvLISTENHUB_API_KEY
Primary envLISTENHUB_API_KEY

Comments