ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

JQOpenClawNode skill

v26.3.9

统一通过 Gateway 的 node.invoke 调用 JQOpenClawNode 能力(file.read、file.write、process.exec、process.manage、system.run、process.which、system.info、system.screenshot、syste...

0· 417·0 current·0 all-time
byJason@188080501
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description claim a generic invoker for JQOpenClawNode commands (file.*, process.*, system.*, node.selfUpdate, etc.) and the SKILL.md exclusively documents constructing and validating node.invoke requests for those exact commands — the requested capabilities match the stated purpose and no unrelated credentials/binaries/install steps are required.
Instruction Scope
Instructions are detailed and narrowly prescribe using node.describe and node.invoke with strict parameter validation and error handling. This stays within the skill's purpose. Note: the documented commands allow very powerful remote operations (file read/write, process management, input control, screenshots, node.selfUpdate). That power is expected for this invoker but is sensitive — callers should verify node identity and gateway allowlist decisions before invocation.
Install Mechanism
No install spec or code files are present (instruction-only), so nothing is written to disk or downloaded. This minimizes supply-chain risk and is proportional to an invoker skill.
Credentials
The skill declares no required environment variables, credentials, or config paths. The SKILL.md does reference gateway configuration keys and file-server tokens in failure messages, but it does not request them — this is proportionate to its purpose.
Persistence & Privilege
always is false and the skill does not request persistent system modifications or cross-skill config writes. Autonomous invocation (disable-model-invocation = false) is the platform default; combined with the skill's broad remote capabilities this increases potential impact, but it is coherent with an invoker skill.
Assessment
This skill is internally consistent: it documents how to call node.invoke and how to validate nodes and params for a JQOpenClawNode. Before installing, consider: (1) the invoker enables powerful remote actions (file read/write, process kill, input control, screenshots, node.selfUpdate) — only allow it if you trust the agent and the target nodes; (2) require explicit user confirmation before executing write/kill/selfUpdate actions or make sure gateway policies and allowlists are strict; (3) verify node identity via node.describe (modelIdentifier/commands/displayName) as the skill prescribes; (4) be aware that screenshot/upload flows may rely on external file-server URIs/tokens (not requested here) — confirm those are handled securely. No evidence of unrelated credential requests or hidden network endpoints was found.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e35vg3fjap1tepbgz1evehs82k0n0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments