Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
healthcheck
v1.0.2 · Track water and sleep with JSON file storage
⭐ 9 · 21.3k · 1.1k current · 1.1k all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw)
Verdict: Suspicious (medium confidence)

Purpose & Capability
The SKILL.md implements a simple local JSON-based water/sleep tracker, which matches the name and description. However, the runtime commands require Node.js (node -e) but the skill declares no required binaries; that mismatch should be resolved or documented.
Instruction Scope
Instructions only read/write {baseDir}/health-data.json (in-scope), but they instruct running inline node -e one-liners where the agent is expected to substitute user values (CUPS, NEW_CUPS). If those substitutions are not strictly validated/parsed as numbers, an attacker-controlled input could lead to shell/JS code injection or unintended filesystem writes. The SKILL.md does not include any sanitization or parsing guidance beyond 'replace CUPS with number'.
Install Mechanism
No install spec (instruction-only), so nothing is written to disk at install time. This is low-risk, but runtime does depend on Node.js being available (not declared).
Credentials
No environment variables, credentials, or config paths are requested — appropriate for a local JSON tracker.
Persistence & Privilege
always:false and standard autonomous invocation allowed. The skill does not request persistent platform-wide privileges or modify other skills' configs.
What to consider before installing
This skill appears to do what it says (local JSON health tracking), but you should check a few things before installing or enabling it:
- Ensure the agent/platform will run these commands with Node.js available; the skill fails silently if node is missing even though it doesn't declare node as a required binary.
- Verify how the agent substitutes user input (CUPS, NEW_CUPS). Inputs must be parsed/validated as numbers before being inserted into the one-line node -e commands to avoid JS/shell injection. Prefer numeric parsing rather than raw string substitution.
- Confirm what {baseDir} resolves to and that the skill is restricted to that directory; otherwise the one-liners could read/write unexpected paths.
- If you need stronger safety, ask the maintainer to provide safer code (e.g., a small script file that accepts sanitized arguments) or to declare Node as a required binary and include explicit input-sanitization steps in SKILL.md.
Given the injection risk and the undeclared Node dependency, treat this skill as suspicious until those issues are clarified or fixed.

Like a lobster shell, security has layers — review code before you run it.
latest: vk97cjtb2v307k4bwjr00byqm8n80bf9t
