Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Beta Knowledge

v1.0.0

Access Beta's organized repository of research, strategies, platform info, skill frameworks, outreach templates, and market playbooks.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The name/description (a knowledge base) matches the actual files: platform notes, playbooks, outreach templates, and integration guides. That content is coherent with the stated purpose. However the knowledge includes hands-on integration steps (API calls, curl | bash install instructions, SDK code samples) which go beyond passive reference material and enable active interaction with external services.
Instruction Scope
The SKILL.md is lightweight, but multiple included files contain actionable runtime instructions: curl | bash CLI installs, REST API examples, CLI payloads, and explicit commands. More importantly, several files embed what appear to be real tokens/keys and local filesystem paths (see ugig API key, CoinPay PKCE token, and /Users/zhouwen/.openclaw paths). Those embedded credentials and local paths expand the skill's effective scope (they could be used by an agent to connect to external services or imply sensitive local data), but the skill declares no required credentials or config, creating a gap between instructions and declared scope.
Install Mechanism
There is no formal install spec (instruction-only), which is lowest technical risk. But several documents recommend or show commands to install CLIs via curl | bash (e.g., curl -fsSL https://ugig.net/install.sh | bash) and reference third-party SDKs. Those recommendations are actionable and have the usual risks of piping remote install scripts into a shell. No archive downloads or obscure URLs were found in the package itself, but the recommended installs fetch code at runtime from external endpoints.
Credentials
The skill declares no required environment variables or credentials, yet multiple files contain embedded credentials and tokens (e.g., 'ugig_live_PuNyvKdUcMK0vejxP7kQyeJndPYbtwXt' and 'pkce_97b168d...'). It also references local user paths and skill directories. Hard-coded secrets in an instruction-only knowledge skill are disproportionate and inappropriate: either these are leaked real credentials or they are placeholders — the package gives no indication which. This mismatch is a significant red flag.
Persistence & Privilege
The skill does not request always-on presence, does not modify other skills, and declares no special OS restrictions. Autonomous invocation is enabled by default (normal). There is no explicit request to persist or change agent-wide settings in the bundle itself.
What to consider before installing
This knowledge-base skill appears to be what it says (research, playbooks, integration notes), but it includes embedded API keys/tokens and references to local file paths and curl | bash install commands that the skill did not declare. Before installing or letting an agent use this skill:
1) Do not assume embedded keys are safe — treat them as leaked credentials; verify with the publisher whether they are placeholders or real, and rotate/revoke any real keys if they belong to you.
2) Avoid running curl | bash commands from these docs without inspecting the remote script.
3) If you plan to let an agent act on these integration instructions, restrict its network/credential access and do not allow it to use any embedded tokens.
4) Ask the skill author for provenance (who published it, which tokens are test values) and for a version without embedded secrets.
If the author can demonstrate the tokens are fake/test values or remove them, the package would be much less risky.

Like a lobster shell, security has layers — review code before you run it.
