Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Apify Keys

v1.0.0

Rotating Apify API key manager. Returns the least-recently-used active Apify key from the ColdCore database. Use before any Apify API call to get a fresh key...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (high confidence)
Purpose & Capability
Name/description match the code: the script selects, updates, and returns Apify API keys from a ColdCore MySQL DB. However, the registry metadata declares no required environment variables or credentials while the SKILL.md and code expect COLDCORE_* env vars — and the script embeds a default DB host, username, and password (IP 208.87.131.78 / avnadmin / lRHS2T8XagsA5z4u3ZYd). That embedded credential and absent metadata are disproportionate or at least undocumented.
Instruction Scope
SKILL.md instructs calling the included script; the script connects to a remote MySQL DB, SELECTs and UPDATEs rows in scrape_sm_accounts, and may call api.apify.com to check balances. Those actions are consistent with the stated purpose, but the use of a hardcoded default DB host/creds and the fact the script will auto-install Python packages at runtime expands scope and privileges beyond what the registry metadata documents.
Install Mechanism
There is no formal install spec, but the script attempts to install dependencies at runtime (pip install mysql-connector-python and requests) using subprocess.check_call and --break-system-packages. Runtime, implicit package installation can modify the environment and is higher risk than an instruction-only skill that doesn't write to disk or install packages.
Credentials
SKILL.md documents COLDCORE_HOST/USER/PASS/DB env vars, but the skill registry lists no required envs or primary credential. The code provides default, hard-coded DB credentials — sensitive information — which is not justified in the registry metadata. The skill will return sensitive Apify API keys sourced from that DB; this behavior is expected for a key-rotator but increases the sensitivity of the missing/embedded credential handling.
Persistence & Privilege
The skill is not always-enabled and does not request elevated agent privileges. It does modify remote state (it updates last_used in the ColdCore DB), which is expected for an LRU rotator, but it does not alter other skills or system-wide agent configuration.
Scan Findings in Context
[hardcoded-credential] unexpected: The code contains a hard-coded MySQL host (208.87.131.78), username (avnadmin), and password (lRHS2T8XagsA5z4u3ZYd) as defaults. A key-rotator should accept credentials via config/env and the registry should declare required envs; embedding credentials is a security and transparency concern.
[runtime-pip-install] expected: The script installs Python dependencies (mysql-connector-python and requests) at runtime using pip. Installing dependencies is necessary if they are not present, but implicit runtime installation can change the environment and may be unexpected by users.
[database-write] expected: The script performs an UPDATE to set last_used. Writing to the database is expected behavior for an LRU rotator, but it means the skill will modify remote state when invoked.
What to consider before installing
This skill implements an Apify key rotator that reads/writes a remote ColdCore MySQL database and returns API keys (sensitive secrets). Before installing or using it, consider the following:

- The code contains default, hard-coded DB credentials and a specific IP address. Treat this as a red flag: verify the host and credentials are intended for your environment. Do not rely on the embedded defaults.
- The registry metadata does not declare the COLDCORE_* environment variables the script uses; if you install, supply your own COLDCORE_HOST/COLDCORE_USER/COLDCORE_PASS/COLDCORE_DB via environment variables to avoid using defaults.
- The script will auto-install Python packages at runtime (pip). If you have policies against on-the-fly package installation, avoid using this skill or inspect/approve the packages first.
- The skill will update the database (it writes last_used timestamps). Ensure you trust the remote DB and understand that invocations will modify its data.
- Because the skill returns API keys, limit its use and who/what can invoke it. Prefer running this code in a trusted environment, replace hard-coded defaults with secure config or secrets, and review network access to the DB host.

If you cannot confirm the legitimacy of the embedded host/credentials, do not install or run this skill. At minimum, request an updated version that removes hard-coded secrets, documents required env vars in registry metadata, and provides an explicit install/permission model for dependencies.
