Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

1Panel skills

v0.0.2

1Panel operation skill for OpenClaw. Use when the user wants OpenClaw to interact with a 1Panel instance for resource monitoring, websites, certificates, app...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name/description match its behavior: it implements read-oriented 1Panel API operations. However the registry metadata claims 'Required env vars: none' and 'Primary credential: none' while SKILL.md and the code both require ONEPANEL_BASE_URL and ONEPANEL_API_KEY (plus optional ONEPANEL_TIMEOUT_MS and ONEPANEL_SKIP_TLS_VERIFY). That mismatch between declared registry requirements and the actual code/README is a coherence issue and could mislead users about secret requirements.
Instruction Scope
SKILL.md and the code restrict functionality to query/inspection endpoints and explicitly reserve mutations for future changes, which aligns with the described scope. The CLI supports reading an --input-file and the code will read arbitrary local files when that flag is used (node:fs/promises readFile). Modules expose endpoints that read server-side logs and files (/api/v2/files/read, /api/v2/logs/system/files), which is expected for 1Panel operations but means the skill will fetch potentially sensitive server logs if given access. Overall scope is appropriate, but the ability to read arbitrary local files via --input-file should be considered when granting the agent runtime permissions.
Install Mechanism
No install spec that downloads arbitrary code from the network. The repository includes compiled JS under dist/ and TypeScript sources; package.json points to ./dist/plugin.js for OpenClaw. No external URLs, installers, or archive extracts are used. This is low-risk compared to remote downloads.
Credentials
The environment variables required by the code (ONEPANEL_BASE_URL, ONEPANEL_API_KEY, optional TIMEOUT and SKIP_TLS) are proportionate for a 1Panel integration. The concern is that the registry metadata does not declare these env vars or a primary credential—so a user or platform may not be warned that an API key (a secret) is needed. That omission is the primary proportionality/red-flag issue.
Persistence & Privilege
The skill does not request 'always: true' and does not attempt to modify other skills or system-wide settings. It provides a CLI and plugin entrypoint (dist/plugin.js) but does not claim elevated, permanent privileges beyond normal operation. Autonomous invocation is enabled (default) but not combined with other privileged behavior.
What to consider before installing
This package largely does what it claims: it's a read-only (for now) 1Panel API client implemented in TypeScript/JS. Before installing:
1) Be aware the code requires ONEPANEL_BASE_URL and ONEPANEL_API_KEY (these are NOT listed in the registry metadata) — provide only a key scoped for read/monitoring, and rotate it later.
2) The CLI supports --input-file, which will cause the skill to read any file path you pass; don't allow the agent to pass arbitrary file paths unless you trust it.
3) The skill can fetch server logs and system files from the 1Panel instance (expected for this purpose) — only connect it to trusted 1Panel instances.
4) Because the metadata omitted the required credentials, treat that as a sign to audit the plugin code (dist/plugin.js and scripts/) and verify the configuration UI before granting secrets.
If you need lower risk, require a read-only API key and avoid giving the skill filesystem access in the runtime.
Static analysis finding — openclaw.plugin.json:30: Install source points to URL shortener or raw IP.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.


