Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Tracker Latest Run Monitor

v1.0.0

Monitor the most recent run result of a configured OpenClaw cron job and send a compact Feishu private message with the latest execution time, status, and de...

by 张家钊 (@aaronstuart)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to be a generic 'latest-run monitor' but the script is hardcoded to a single job and absolute paths under /home/SENSETIME/... and a specific tracker name. That makes the published purpose (general monitor) inconsistent with the implementation (single-user, single-job target).
Instruction Scope
SKILL.md instructs running the included Node script, which reads a concrete JSONL run file and a projects.json. The script will read files in /home/SENSETIME/..., including another skill's workspace config; those file-access requirements are not declared in the registry metadata and grant access to secrets/config outside the skill's apparent scope.
Install Mechanism
No install spec is provided (instruction-only plus included script). Nothing is downloaded or written by an install step, which is lower risk than fetching external archives or packages.
Credentials
The script expects Feishu credentials (appId/appSecret) and notifyUserOpenId inside a projects.json file at a hardcoded path. The registry lists no required env vars or config paths. The code therefore accesses secret material (appSecret) and another skill's config without declaring it; this is disproportionate to the stated purpose and a potential secret-exfiltration risk if the notification target or credential path is ever repointed incorrectly.
Persistence & Privilege
The skill is not marked always:true and does not request persistent system-wide privileges. It does, however, read filesystem paths; no modifications to other skills or system settings are performed.
What to consider before installing
This skill will read files at /home/SENSETIME/... and expects Feishu credentials inside projects.json for a different skill workspace. Before installing/running:
(1) inspect projects.json and the runs JSONL file to confirm they contain only data you are willing to expose to this script (they include appSecret/notifyUserOpenId);
(2) consider editing the script to point to paths in your environment or to accept explicit config (avoid leaving hardcoded absolute paths);
(3) don't run it as a privileged user or in an environment where it can read unrelated secrets;
(4) if you don't trust the publisher, avoid running it and reimplement the small logic yourself to ensure no unexpected data access.
A rationale from the skill author for the hardcoded paths, or a version that accepts explicit config, would increase confidence.
scripts/monitor-tracker-runs.js:30
File read combined with network send (possible exfiltration).
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.

latest: vk97d9zywa02x6taw0tcseqrgdh8429gq
