ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Clawdbot Documentation Expert

v1.0.0

Expert guidance on navigating, understanding, configuring, troubleshooting, and automating Clawdbot using official documentation and config snippets.

0· 4.1k·39 current·40 all-time
by@janhcla·duplicate of @nicholasspisak/clawddocs
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, SKILL.md and the included scripts all focus on discovering, fetching, indexing, and tracking Clawdbot documentation (sitemap, search, recent/changes, fetch specific doc). Required binaries/env/config are none — this matches the stated purpose.
Instruction Scope
Runtime instructions tell the agent to run the provided scripts, use the browser tool to snapshot pages, and cite docs.clawd.bot sources. The scripts make outbound HTTP requests to https://docs.clawd.bot, parse HTML, and write cached files and snapshots to ${HOME}/.cache/clawddocs. This is expected for a docs skill, but callers should note the scripts will write to the user's home cache and perform network fetches.
Install Mechanism
No install spec is provided (instruction-only). Scripts are included in the package but nothing will be downloaded/installed automatically. The build script mentions qmd (a third-party tool) as optional; it only suggests installing qmd via cargo if the user wants full-text indexing — the skill does not auto-install code.
Credentials
The skill declares no required environment variables or credentials. The included snippet files contain example config blocks with placeholder tokens (e.g., "YOUR_BOT_TOKEN") which are examples only and not actual secret requests. No additional secrets or unrelated service credentials are requested.
Persistence & Privilege
always:false (normal). The scripts create and modify files under ${HOME}/.cache/clawddocs (sitemap, docs, snapshots). This is reasonable for caching/history features, but it does mean the skill persists data on disk in the user's home directory — it does not modify other skills or system-wide agent settings.
Assessment
This skill appears coherent and focused on documenting Clawdbot. Before installing/using: 1) Review the scripts (they are included) and confirm you trust https://docs.clawd.bot — scripts use curl to fetch pages and will write to ~/.cache/clawddocs. 2) The snippets file contains example config blocks with placeholders (bot tokens, numbers) — do not paste real secrets into these sample files or run commands that would echo secrets into them. 3) If you run build-index.sh with qmd, you'll need to install qmd/cargo separately; nothing is installed automatically. 4) Be aware the skill will perform outbound HTTP requests and store sitemap/doc snapshots locally; if you need no persistent cache, run scripts in a disposable environment or remove ~/.cache/clawddocs afterward. Overall this skill is internally consistent with its documentation/search purpose.

Like a lobster shell, security has layers — review code before you run it.

latestvk970d1dd98ynjfr7ky3vf5aqss7z27ft

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments