Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Hivebrite By Altf1be

v1.0.0

Hivebrite Admin API CLI — users, companies, events, groups, donations, memberships, emailings, mentoring, news, projects, media center, forums, and more. OAu...

by Abdelkrim from Brussels (@abdelkrim)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description, required env vars (HIVEBRITE_BASE_URL, HIVEBRITE_ACCESS_TOKEN), optional OAuth env vars, and the included CLI script all match a Hivebrite admin API client. The dependencies (commander, dotenv) and package.json are appropriate for a Node CLI.
Instruction Scope
SKILL.md instructs installing dependencies and running the bundled script. The script only references Hivebrite endpoints (api/admin/* and /oauth/token), local package.json, and a disk cache for tokens. It does not attempt to read unrelated system files or send data to third-party endpoints.
Install Mechanism
No remote installer or download URLs are used; installation is via 'npm install' which pulls commander and dotenv from the public npm registry (package-lock.json present). This is standard for a Node CLI and not disproportionate to the task.
Credentials
Requested environment variables are appropriate for a Hivebrite admin tool (access token or OAuth client_id/client_secret/admin credentials/refresh token). These are sensitive (client_secret, admin password, refresh token), but their presence is justified by OAuth support. Primary credential is HIVEBRITE_ACCESS_TOKEN as declared.
Persistence & Privilege
The CLI caches OAuth tokens (access and refresh tokens) to disk at ~/.cache/openclaw/hivebrite-token.json. This is reasonable for convenience, but it persists sensitive tokens in the user's home directory and could be accessed by other processes/users with access to that path.
Assessment
This skill appears to do what it says: it's a Node CLI that talks only to your Hivebrite instance and supports OAuth or bearer tokens. Before installing, consider:
1) Only provide credentials for the intended Hivebrite instance and prefer scoped/rotated tokens or a dedicated service account rather than a personal admin password.
2) The tool caches tokens to ~/.cache/openclaw/hivebrite-token.json (including refresh tokens); if you don't want on-disk tokens, avoid using the OAuth flow or remove/secure that file.
3) npm install will fetch commander and dotenv from the public registry; review package-lock.json if you require strict supply-chain control.
4) If you have low trust in the publisher, inspect scripts/hivebrite.mjs (included) before running, or run in an isolated environment.
5) Rotate or revoke tokens/credentials if you stop using the skill.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
scripts/hivebrite.mjs:35: Environment variable access combined with network send.
scripts/hivebrite.mjs:16: File read combined with network send (possible exfiltration).


Runtime requirements

🐝 Clawdis
Env: HIVEBRITE_BASE_URL, HIVEBRITE_ACCESS_TOKEN
Primary env: HIVEBRITE_ACCESS_TOKEN
