Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ACT Runtime

v0.1.0

Run ACT WebAssembly component tools via `act call`. Use when the user asks to use an ACT component, run a .wasm tool, or needs sandboxed tools (SQLite, HTTP,...

by ACT Core (@actcore) · duplicate of @gamepad64/actcore-act
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
The skill's name/description match the SKILL.md: it requires the `act` CLI and instructs the agent to run `act info` and `act call` against `.wasm` components or OCI refs. No unrelated binaries, credentials, or config paths are requested.
Instruction Scope
Instructions stay within purpose (discover tools, call tools, pass metadata, allow directories). Important operational decisions (e.g., `--allow-dir`, `--allow-fs`) can grant components filesystem access; the SKILL.md calls this out and advises caution. No instructions ask the agent to read unrelated host files or environment variables, or to exfiltrate data.
Install Mechanism
There is no registry install spec; the SKILL.md recommends installing the `act` CLI via npm (`npm i -g @actcore/act`). Installing a global npm package is a normal way to get the required binary but does carry the usual supply-chain/registry risks of any npm package. The recommendation uses a package name (not an arbitrary download URL), which is proportionate for this tool.
Credentials
The skill requests no environment variables or credentials. The primary potential privilege is filesystem/network access that the operator may grant to components at runtime (via `--allow-dir`/`--allow-fs`), which is appropriate for a sandboxed runtime but should be granted selectively.
Persistence & Privilege
The skill is instruction-only, has `always: false`, and does not request persistent privileges or modify other skills. Autonomous invocation is allowed by default but not excessive here.
Assessment
This skill appears coherent for running ACT WebAssembly components. Before installing or using it: (1) Only install the `act` CLI from an official source (verify the npm package and publisher). (2) When calling remote or third-party components (ghcr.io, HTTP, or unknown `.wasm` files), inspect their metadata/schemas and avoid granting `--allow-fs` or broad `--allow-dir` unless you trust the component. (3) Remember remote components are cached locally; remove cached artifacts if you no longer trust them. (4) Treat running untrusted `.wasm` components like running any third-party code: least privilege, review inputs/outputs, and avoid exposing sensitive host directories.


latest: vk97c1rdx4yxt751mxhgazjhgzn83t4m3

Runtime requirements

Bins: `act`
