Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Glance
v1.0.0
Create, update, and manage Glance dashboard widgets. Use when user wants to: add something to their dashboard, create a widget, track data visually, show metrics/stats, display API data, or monitor usage.
⭐ 0 · 1.5k · 2 current · 2 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
Name/description (manage Glance dashboard widgets) match the included docs and APIs. Requiring curl and a GLANCE_URL is reasonable for an HTTP-based local dashboard. However, the SKILL.md/README also refer to many other artifacts (AUTH_TOKEN/GLANCE_TOKEN, OPENCLAW_TOKEN, GLANCE_DATA/DATABASE_PATH, credential storage endpoints) that are not declared in the registry metadata, which is inconsistent.
Instruction Scope
The SKILL.md tells an agent to clone repositories, run npm install, start dev servers, create launchd/systemd services, read local sqlite DBs (sqlite3 $GLANCE_DATA/glance.db), and POST user credentials to local endpoints. It also documents an Origin-header bypass of Bearer auth for localhost. These instructions go beyond a simple 'make an API call' skill and instruct reading/writing local files and installing persistent services.
Install Mechanism
The skill is instruction-only (no install spec), but the README explicitly recommends a one-line installer: `curl -fsSL https://openglance.dev/install.sh | bash`. Piping a remote script from openglance.dev to bash is a high-risk install mechanism (arbitrary remote code execution). It also suggests cloning a GitHub repo and running npm/pnpm, which is lower risk but still writes code to disk and executes it.
Credentials
Registry metadata declares only GLANCE_URL (primaryEnv). The docs and examples, however, reference many other environment variables and credentials (AUTH_TOKEN, GLANCE_TOKEN/GLANCE_API_TOKEN, OPENCLAW_GATEWAY_URL, OPENCLAW_TOKEN/OPENCLAW_WEBHOOK_TOKEN, DATABASE_PATH/GLANCE_DATA). The skill also encourages storing third-party API keys (GitHub, Anthropic, OpenAI, Notion) into Glance's credential store. The declared env list is insufficient and underreports the secrets/access the skill expects to use.
Persistence & Privilege
always:false (normal), but the instructions guide installing Glance as a launchd/systemd service and configuring background webhook integrations with OpenClaw. That grants persistent system presence and network callbacks if you follow the README. This is not requested in metadata but is recommended by the skill’s documents.
What to consider before installing:
- Source verification: the README points to https://github.com/acfranzen/glance and an install script at openglance.dev. Confirm you trust those domains and review the install script before running it — never pipe an unknown remote script to bash.
- Environment mismatch: the registry only declares GLANCE_URL, but the docs expect many other env vars (AUTH_TOKEN, OPENCLAW_TOKEN, GLANCE_DATA, etc.) and will ask the agent to manage API keys. Expect the skill to read/write local files and store credentials locally.
- Local access & auth bypass: the docs state localhost requests with an Origin header bypass bearer auth and show direct sqlite access commands. That means an agent following these docs may access local data and the Glance DB; verify whether that behavior is acceptable.
- Persistence: the project recommends installing as a system service (launchd/systemd). If installed, it will run continuously and accept webhook callbacks — consider isolating it (container or VM) if you have sensitive secrets on the host.
- Recommended mitigations: review the GitHub repo and the install script before running; prefer container/Docker installation rather than running on host; do not give the agent carte blanche to run install commands; confirm how credentials are encrypted and where the encryption key is stored; restrict network access to the service where feasible.
If you want to proceed, ask the skill maintainer for a signed release or the exact install script contents, and request that required environment variables be declared explicitly in the registry metadata so you can evaluate required secrets up front.
Like a lobster shell, security has layers — review code before you run it.
latest: vk978wd4zyay5z043y3n7y1vk2180k58j
Runtime requirements
🖥️ Clawdis
Bins: curl
Env: GLANCE_URL
Primary env: GLANCE_URL
