ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agency Agents Caller

v1.0.3

Call 179 professional agents on-demand from database

0· 28·0 current·0 all-time
by杨兴隆@717986230
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoRequires walletCan make purchasesCan sign transactionsRequires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (call 179 agents from a database) align with the included files: a ~2.4MB data/agents.json, scripts to initialize a local SQLite DB, an AgentCaller API, import/verify scripts and examples. No unrelated binaries or cloud credentials are requested.
!
Instruction Scope
SKILL.md and the scripts are scoped to local DB creation/import/usage, which is expected. However LOGIN_GUIDE.md explicitly tells users to provide their ClawHub token to the author/CLI and even says 'Tell me your ClawHub token, I’ll publish for you' — a social-engineering instruction outside of the skill's runtime needs and a risk for credential disclosure.
Install Mechanism
No install spec / no remote downloads. The skill is instruction-only for installation and includes local Python scripts that initialize a SQLite DB and import bundled JSON. No external URLs are fetched by the scripts.
!
Credentials
Declared requirements are limited to Python and sqlite3 (proportional). But documentation (LOGIN_GUIDE.md) solicits the user's ClawHub API token and shows CLI publish flows — this is not required for runtime use of the skill and encourages sharing a credential that the skill otherwise doesn't need, which is disproportionate and risky.
Persistence & Privilege
The package does not request persistent platform privileges (always:false). It writes/reads its own files (creates memory/database/xiaozhi_memory.db) which is normal for a local DB-backed skill and does not modify other skills or system-wide configs.
What to consider before installing
The code itself appears to do what it claims: initialize a local SQLite DB and provide an API to read 179 bundled agent prompts. However: 1) Do NOT share your ClawHub API token or other secrets with this skill or with any assistant prompt — LOGIN_GUIDE.md contains an explicit request to give the token to the publisher, which is unnecessary for using the agent caller locally and could lead to credential theft. 2) If you install it, run the initialization and verification scripts in a sandbox or isolated environment, inspect memory/database/xiaozhi_memory.db and data/agents.json for any surprising content, and prefer using your own ClawHub CLI locally (clawhub login) rather than handing tokens to third parties. 3) If you plan to publish via ClawHub, perform publishing steps locally with the official CLI, never paste tokens into chat or third-party files. If you want a safer go/no-go: this package is functionally coherent but treat the token-sharing guidance as a red flag — do not share secrets; otherwise the package is usable.

Like a lobster shell, security has layers — review code before you run it.

latestvk9743amfw9ccsjybjtrhw1mhah84nt6c

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments