Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Atlas Tracker

v1.0.5

Work with Atlas Tracker (RedForester) mindmaps via MCP tools. Use when reading, creating, or updating nodes and branches in Atlas Tracker maps — including na...

by Alexandr Petrov (@didro)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill is for manipulating Atlas Tracker maps and the SKILL.md's workflows (read/create/update nodes, upload files, comments, typed nodes) match that purpose. However, the registry metadata claims 'no required env vars' and 'no install', while the SKILL.md instructs installing a local MCP proxy and setting several env vars (AT_BASE_URL, AUTH_HEADER, API_KEY, PORT) and copying plugin files into ~/.openclaw/extensions. That mismatch is unexpected and reduces confidence.
Instruction Scope (flagged)
The instructions require you to run a local Node.js MCP server, set auth-related environment variables (including an AUTH_HEADER derived from username/md5(password)), and copy an OpenClaw plugin (index.ts/openclaw.plugin.json) into your extensions directory. The skill's text also documents direct REST usage patterns that show how to construct Basic auth headers. These steps involve handling credentials and installing code not included with the skill; the SKILL.md reads and expects secrets and files that the package metadata did not declare. Reading/writing local service files and placing plugins into the agent's extension directory are beyond a simple instruction-only mapping skill and create supply-chain and credential-handling risk.
Install Mechanism
There is no install spec and no code files in the package; the skill is instruction-only. That reduces immediate supply-chain risk from the registry package itself. The instructions do tell the user to run and install external code (at-mcp server and an OpenClaw plugin) from outside sources, which is a user action rather than an automated install by the skill package.
Credentials (flagged)
Although the skill itself declares no required env vars, the SKILL.md explicitly requires AT_BASE_URL, AUTH_HEADER, API_KEY, and PORT for the MCP server. Those credentials are plausibly needed to proxy to app.redforester.com, but the registry metadata omission is inconsistent and could hide credential requirements. AUTH_HEADER uses an MD5(password) scheme (documented in references), which is weak/odd and may cause accidental exposure of credentials if stored in systemd service files or .env without care.
Persistence & Privilege (flagged)
The runtime instructions tell the user to run a long-lived local service (systemd user service) and to copy a plugin into ~/.openclaw/extensions so OpenClaw will load it persistently. While the skill metadata does not set always:true, these steps create persistent code and agent-scope plugins on the user's machine. Because the required plugin and MCP server code are not included in the packaged skill, installing them from external sources increases the attack surface and persistence risk.
What to consider before installing
This skill appears to do what it says (operate on Atlas Tracker maps), but there are several red flags you should address before installing or running anything:

  • Metadata mismatch: The registry lists no required env vars or install steps, yet SKILL.md requires you to run a local MCP server and set AT_BASE_URL, AUTH_HEADER, API_KEY, PORT. Ask the publisher to correct the registry metadata or include clear provenance for those components.
  • Unbundled code: The skill tells you to copy index.ts and openclaw.plugin.json into ~/.openclaw/extensions, but those files are not included. Do NOT copy or run plugin code from unknown sources. Obtain the MCP server and plugin only from an official RedForester/OpenClaw repository or the maintainer and review their code first.
  • Credential handling: AUTH_HEADER requires base64(username:md5(password)). Storing such derived credentials in systemd service files or .env files can expose them (service files and env files may be readable by other local processes or backups). Use least-privilege credentials (a dedicated API key for the local proxy), avoid reusing your Atlas Tracker password, and restrict file permissions to the minimum required.
  • Network controls: The MCP server should be bound to localhost only and firewall rules applied so it cannot be reached remotely. Verify the MCP server does not accept external connections by default.
  • Review code: Before enabling the plugin or MCP service, inspect their source for data exfiltration (HTTP requests to unknown hosts, logging of credentials, telemetry). If you cannot review the code, do not install it.
  • Ask for clarification: Request that the skill package include or reference exact sources (GitHub repo and release tags) for the MCP server and plugin and update registry fields to list required env vars and files.

Given these issues (inconsistencies in declared requirements, required persistent local components from external sources, and handling of credentials), proceed only after verifying sources and reviewing the code. If you want, provide the MCP server and plugin repository links and I can re-evaluate the supply-chain and code-level risks.

Like a lobster shell, security has layers — review code before you run it.


SKILL.md

Atlas Tracker Skill

Atlas Tracker (app.redforester.com) is a graph-based knowledge system combining mindmaps, Kanban, and structured properties. This skill covers working with it via the OpenClaw AT plugin tools.

Setup

This skill requires two components to be installed and running:

1. AT MCP Server

A local Node.js server that proxies requests to the Atlas Tracker REST API.

The AT MCP server is maintained by the Atlas Tracker / RedForester team.
Contact @gmdidro (Telegram) or visit app.redforester.com to request access.

Once you have the server files:

cd at-mcp/
yarn install
yarn build

# Run directly
node build/index.js

# Or run as a systemd user service (recommended)
cp at-mcp.service ~/.config/systemd/user/
systemctl --user daemon-reload
systemctl --user enable --now at-mcp

The server listens on http://localhost:3222 by default.

Required environment variables (set in the service file or .env):

AT_BASE_URL=https://app.redforester.com/api
AUTH_HEADER=Basic <base64(username:md5(password))>
API_KEY=<your-local-api-key>
PORT=3222
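
A pre-flight check for the two exposure points in this setup: the file that holds AUTH_HEADER and API_KEY, and the address the server listens on. This is an added example, not code from the skill or the at-mcp server; the function names are illustrative, and the second function expects the text printed by `ss -ltnH` on the host running the service.

```javascript
// Added example (not part of the skill or the at-mcp project).
// Function names are illustrative; callers supply the file path and `ss` text.
const fs = require("node:fs");

const SECRET_KEYS = ["AUTH_HEADER", "API_KEY"];

// Return findings for a .env or systemd unit file that stores secrets
// while being readable or writable by group/other.
function auditSecretFile(path) {
  const findings = [];
  const text = fs.readFileSync(path, "utf8");
  const mode = fs.statSync(path).mode & 0o777;
  // Matches `KEY=value` (.env) and `Environment=KEY=value` (unit file).
  const present = SECRET_KEYS.filter((k) =>
    new RegExp(`^\\s*(?:Environment=)?"?${k}=`, "m").test(text));
  if (present.length && (mode & 0o077) !== 0) {
    findings.push(
      `${path}: mode ${mode.toString(8)} exposes ${present.join(", ")}; use 0600`);
  }
  return findings;
}

// Return local addresses listening on `port` that are not loopback.
// `ssOutput` is the output of `ss -ltnH` (one socket per line, no header).
function nonLoopbackListeners(ssOutput, port) {
  const exposed = [];
  for (const line of ssOutput.split("\n")) {
    const local = line.trim().split(/\s+/)[3]; // "Local Address:Port" column
    if (!local) continue;
    const idx = local.lastIndexOf(":");
    if (local.slice(idx + 1) !== String(port)) continue;
    // Strip IPv6 brackets and any %interface suffix before comparing.
    const host = local.slice(0, idx).replace(/^\[|\]$/g, "").replace(/%.*$/, "");
    const loopback = host.startsWith("127.") || host === "::1";
    if (!loopback) exposed.push(local);
  }
  return exposed;
}
```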

2. OpenClaw Plugin

Copy the plugin files to your OpenClaw extensions directory:

mkdir -p ~/.openclaw/extensions/atlas-tracker/
cp index.ts ~/.openclaw/extensions/atlas-tracker/
cp openclaw.plugin.json ~/.openclaw/extensions/atlas-tracker/

Then configure the plugin in your openclaw.json:

{
  "plugins": {
    "atlas-tracker": {
      "serverUrl": "http://localhost:3222",
      "apiKey": "<your-local-api-key>"
    }
  }
}

OpenClaw will hot-reload the plugin automatically. Verify with:

openclaw status

You should see at_read_branch, at_create_branch, at_update_branch, at_get_node_types, at_read_attachments listed as available tools.


Core Concepts

  • Map — a mindmap, identified by mapId (full UUID)
  • Node — a single item in the map; has id, title (HTML), optional typeId, typeProperties, children[]
  • Branch — a node + all its descendants
  • Node type — a schema defining available properties (enum, text, htmltext, file, user, date, etc.)
  • Title format — always HTML: <p>My title</p>, never plain text

Tool URLs

All tools take a nodeUrl in the format:

https://app.redforester.com/mindmap?mapid=<UUID>&nodeid=<UUID>

Both mapid and nodeid must be full UUIDs (e.g. 3d7340e8-c763-4c9e-b049-4e900b7cf565), never partial.

Workflow

Reading a branch

Always read before modifying — never assume structure:

at_read_branch(nodeUrl) → returns node tree with children, types, properties

Finding the right node

If you don't know a nodeId, search via the AT REST API:

POST /api/search  body: {"query": "...", "map_ids": ["<mapId>"]}
# Returns hits[].id — then at_read_branch each candidate to verify title

Creating branches

at_create_branch(parentNodeUrl, data)

data must include children: [] even for leaf nodes — required field.

Updating branches

at_update_branch(nodeUrl, delete[], update[], create[])
  • create items: {parentNodeId, data: {title, typeId?, typeProperties?, children: []}}
  • update items: {id, title?, typeProperties?, customProperties?}
  • All three arrays required (pass [] if unused)

Node Types

Call at_get_node_types(nodeUrl) once per map session — types vary per map. Common types: Идея (Idea), Задача (Task), Заметка (Note), Категория (Category), Проект (Project), Этап (Stage), Заявка (Request), Лид (Lead).

For typed nodes, typeProperties keys must exactly match the property names from at_get_node_types.

Critical Rules

  1. Full UUIDs only — partial IDs (e.g. b319f356) will return 404
  2. children: [] required — omitting it causes a validation error on create
  3. HTML titles — wrap in <p>...</p>; use <ul><li>...</li></ul> for lists
  4. Read before write — always at_read_branch first to get current state and node IDs
  5. 403 = permission denied — you can only write nodes owned by your AT account; read access may be broader
  6. Large maps are slow — avoid full subtree reads on large maps; use search + targeted node reads instead
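
Rules 1 to 3 can be checked locally before a write call is made. The following is an added example, not the plugin's own code: parseNodeUrl and validateNodeData are hypothetical helpers, and pinning the host to app.redforester.com assumes the hosted service described on this page.

```javascript
// Added example (not the plugin's code): pre-flight checks for rules 1-3.
// parseNodeUrl and validateNodeData are hypothetical helper names.
const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

// Parse a nodeUrl; reject other hosts/paths and anything but full UUIDs.
function parseNodeUrl(nodeUrl) {
  const u = new URL(nodeUrl);
  if (u.protocol !== "https:" || u.hostname !== "app.redforester.com" ||
      u.pathname !== "/mindmap") {
    throw new Error(`unexpected endpoint: ${u.origin}${u.pathname}`);
  }
  const mapId = u.searchParams.get("mapid");
  const nodeId = u.searchParams.get("nodeid");
  for (const [name, value] of [["mapid", mapId], ["nodeid", nodeId]]) {
    if (!UUID_RE.test(value || "")) {
      throw new Error(`${name} is not a full UUID: ${value}`);
    }
  }
  return { mapId, nodeId };
}

// Walk a create payload and collect violations for every node in the tree.
function validateNodeData(data, path = "data") {
  const errors = [];
  // Heuristic for rule 3: title starts and ends with a <p> or <ul> element.
  const title = typeof data.title === "string" ? data.title.trim() : "";
  if (!/^<(?:p|ul)>[\s\S]*<\/(?:p|ul)>$/.test(title)) {
    errors.push(`${path}.title must be HTML wrapped in <p> or <ul>`);
  }
  if (!Array.isArray(data.children)) {
    errors.push(`${path}.children must be an array ([] for leaf nodes)`);
  } else {
    data.children.forEach((child, i) =>
      errors.push(...validateNodeData(child, `${path}.children[${i}]`)));
  }
  return errors;
}
```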

Common Patterns

Add children to existing node

  1. at_read_branch to get parent nodeId and confirm it exists
  2. at_update_branch with create: [{parentNodeId: "<id>", data: {..., children: []}}]

Batch create a solution tree

Use at_create_branch with nested children[] to create the full tree in one call.

Update node content

  1. at_read_branch to get current node id and properties
  2. at_update_branch with update: [{id, typeProperties: {key: "<html_value>"}}]

Create a link node (shortcut/reference)

A link node is a reference to an existing node — it appears in the map as a shortcut to the original. Useful for showing the same node in multiple places without duplicating it.

at_create_link_node(nodeUrl, originalNodeId)
  • nodeUrl — URL of the parent where the link node should appear
  • originalNodeId — UUID of the existing node to reference

Example: place a reference to node abc-123 under parent node def-456:

at_create_link_node(
  "https://app.redforester.com/mindmap?mapid=<mapId>&nodeid=def-456",
  "abc-123"
)

Upload a file to a node

Attach any file (PDF, Excel, Word, image) to an AT node:

at_upload_file(nodeUrl, filePath)
  • filePath — absolute local path to the file
  • Uploads via PUT /api/files, then attaches as a type_id=10 property
  • Adds to existing files — does not overwrite

Work with comments

at_get_comments(nodeUrl)           → list all comments (with thread structure)
at_add_comment(nodeUrl, text, replyToCommentId?)  → add comment or reply to thread
at_update_comment(nodeUrl, commentId, text)       → edit comment text
at_delete_comment(nodeUrl, commentId)             → delete comment

Reference Files

  • api-patterns.md — REST API search, auth, node fetch patterns (read when you need to search nodes or call AT API directly)
  • node-types-guide.md — property type reference (htmltext, enum, file, user, date, etc.) and how to set them (read when creating/updating typed nodes)
