Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Huckleberry
v0.1.0
Track baby sleep, feeding, diapers, and growth via the Huckleberry app API. Use for logging baby activities through natural language.
by @aaronn
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The name and description claim to log baby activities via the Huckleberry API, which matches the included CLI. However, the code also imports google.cloud.firestore and calls api._get_firestore_client() to read and write Firestore documents directly, a capability not declared in the skill metadata (no required env vars or config paths were listed). Direct Firestore access is more powerful than a simple API wrapper and is not reflected in the registry metadata.
Instruction Scope
SKILL.md and the script instruct the agent to read credentials from environment variables or ~/.config/huckleberry/credentials.json and to install a GitHub-hosted Python package. The code performs direct Firestore reads/writes (bypassing a documented external service endpoint) and will attempt to use Google Application Default Credentials if present — this expands scope to include local config and cloud credentials beyond the Huckleberry username/password.
Install Mechanism
There is no registry install spec, but SKILL.md asks to pip install a GitHub repository (git+https://github.com/Woyken/py-huckleberry-api.git). Installing a package directly from a GitHub repo is common but higher-risk than a vetted PyPI release because it pulls whatever code the repo's default branch holds at install time, and that can change after review; pinning the URL to a reviewed commit (git+https://...@<commit-sha>) removes that drift.
Credentials
The repository metadata declared no required environment variables or config paths, yet SKILL.md and scripts require HUCKLEBERRY_EMAIL and HUCKLEBERRY_PASSWORD (or a credentials file) and the code may rely on Google Cloud credentials (ADC) for Firestore access. Required secrets are not declared in the skill metadata and additional implicit credential surfaces (Google Application Default Credentials, local config) exist.
Persistence & Privilege
The always flag is false, and the skill does not request system-wide persistent installation in the registry. The script will read and write a credentials file under the user's home (~/.config/huckleberry) and may access Google Cloud ADC, but it does not modify other skills or request elevated platform-wide privileges.
What to consider before installing
- The SKILL.md and code require HUCKLEBERRY_EMAIL/HUCKLEBERRY_PASSWORD or a credentials file (~/.config/huckleberry/credentials.json); the registry metadata does not list these — expect to supply secrets if you use it.
- The script imports google.cloud.firestore and directly reads/writes Firestore documents (api._get_firestore_client()). That may cause the script to use Google Application Default Credentials (GOOGLE_APPLICATION_CREDENTIALS or gcloud user creds) if they exist — be careful: it can access other Google project credentials present on the host.
- The package installation is a pip install from a GitHub repo (not a vetted PyPI release). Review the upstream py-huckleberry-api repo and the included scripts/hb.py source yourself before installing, and if you do install it, pin the install to the commit you reviewed (pip accepts git+https://...@<commit-sha>) so a later push to the repo cannot change what runs on your host.
- If you decide to use it: run in an isolated environment (dedicated VM/container or virtualenv), create a Huckleberry account with least-privilege credentials, avoid reusing sensitive Google credentials, and inspect the code paths that call Firestore to ensure writes are intended.
- If you need a cleaner trust boundary, request the publisher add explicit metadata for required env vars/config paths and document the Firestore usage (why direct Firestore access is necessary) so you can assess risk more precisely.
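The checks above can be done mechanically before anything is installed. The following is an added example, not code from the skill, the ClawHub scanner, or the py-huckleberry-api project: it parses a skill's Python source with the standard-library ast module, collects the imports, environment-variable reads, home-directory paths and underscore-prefixed (private) method calls it finds, and diffs the credential surfaces against what the registry metadata declares. It also reports whether Google Application Default Credentials would be discoverable on the current host, which is the concrete worry behind the google.cloud.firestore finding. SAMPLE_SOURCE and DECLARED are constructed stand-ins that mirror the findings on this page (HUCKLEBERRY_EMAIL/HUCKLEBERRY_PASSWORD, ~/.config/huckleberry/credentials.json, _get_firestore_client); the real scripts/hb.py is not reproduced here.

```python
"""Audit a skill's Python source for capabilities its metadata does not declare."""
import ast
import os
from pathlib import Path

# Constructed stand-in for a skill script (NOT the real scripts/hb.py); it
# exercises the same patterns the scan report describes.
SAMPLE_SOURCE = '''
import json
import os
from google.cloud import firestore
from huckleberry_api import HuckleberryApi

def load_credentials():
    email = os.environ.get("HUCKLEBERRY_EMAIL")
    password = os.getenv("HUCKLEBERRY_PASSWORD")
    if email and password:
        return {"email": email, "password": password}
    path = os.path.expanduser("~/.config/huckleberry/credentials.json")
    with open(path) as fh:
        return json.load(fh)

def log_activity(api, doc):
    db = api._get_firestore_client()
    db.collection("activities").add(doc)
'''

# Constructed metadata: what the listing declares. The real listing declared
# no env vars or config paths at all, which is the gap the scanner flagged.
DECLARED = {"env": set(), "config_paths": set()}

# Import prefixes that give a script reach into cloud credentials (ADC etc.).
CLOUD_PREFIXES = ("google.cloud", "google.auth", "boto3", "botocore", "azure.identity")


def _env_name(node):
    """Return X for os.environ["X"], os.environ.get("X") or os.getenv("X"); else None."""
    if isinstance(node, ast.Subscript):              # os.environ["X"]  (Python 3.9+ slice)
        base, target = node.value, node.slice
    elif isinstance(node, ast.Call) and node.args:   # os.getenv("X") / os.environ.get("X")
        base, target = node.func, node.args[0]
    else:
        return None
    is_env = False
    if isinstance(base, ast.Attribute):
        if base.attr in ("environ", "getenv"):
            is_env = True
        elif base.attr == "get" and isinstance(base.value, ast.Attribute):
            is_env = base.value.attr == "environ"    # avoid matching any dict .get("...")
    if is_env and isinstance(target, ast.Constant) and isinstance(target.value, str):
        return target.value
    return None


def audit_source(src, declared):
    """Diff the credential surfaces found in src against the declared metadata."""
    tree = ast.parse(src)
    imports, env, paths, private_calls = set(), set(), set(), set()
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            imports.update(alias.name for alias in node.names)
        elif isinstance(node, ast.ImportFrom) and node.module:
            imports.add(node.module)
        elif isinstance(node, ast.Constant) and isinstance(node.value, str) and node.value.startswith("~/"):
            paths.add(node.value)                    # home-relative config/credential paths
        elif isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute) \
                and node.func.attr.startswith("_"):
            private_calls.add(node.func.attr)        # use of a library's private API
        name = _env_name(node)
        if name:
            env.add(name)
    return {
        "cloud_imports": sorted(m for m in imports if m.startswith(CLOUD_PREFIXES)),
        "undeclared_env": sorted(env - declared["env"]),
        "undeclared_paths": sorted(paths - declared["config_paths"]),
        "private_api_calls": sorted(private_calls),
    }


def adc_present(environ=None, home=None):
    """Where Google ADC would be found on this host, or None.

    Mirrors the first two ADC lookup steps (explicit env var, then the gcloud
    user-credential file on Linux/macOS); the GCE metadata server is not checked.
    """
    environ = os.environ if environ is None else environ
    home = Path.home() if home is None else Path(home)
    explicit = environ.get("GOOGLE_APPLICATION_CREDENTIALS")
    if explicit and Path(explicit).is_file():
        return "GOOGLE_APPLICATION_CREDENTIALS=" + explicit
    gcloud = home / ".config" / "gcloud" / "application_default_credentials.json"
    if gcloud.is_file():
        return str(gcloud)
    return None


if __name__ == "__main__":
    for key, values in audit_source(SAMPLE_SOURCE, DECLARED).items():
        print(f"{key}: {values or '-'}")
    print("ADC reachable on this host:", adc_present() or "not found")
```

Run it against the real scripts/hb.py by reading that file into audit_source instead of SAMPLE_SOURCE; a non-empty cloud_imports list together with a non-None adc_present() result is exactly the situation the scan warns about, and the fix on the operator side is to run the skill where adc_present() returns None.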
latest: vk974j2rpgnrnhmhwbm0ymgs1gs80ge08
Runtime requirements
👶 Clawdis
Bins: python3
