Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
chitin-chronicle
v1.0.0
Coordinates multi-agent content publishing by preventing duplicates, tracking timeline, managing claims, and recording immutable publication history with git...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
The skill implements a local, git-backed claim/ledger/registry system which matches the described purpose. Minor mismatches: the registry metadata and some docs refer to 'chitin-chronicle' vs 'chitin-editorial' (inconsistent naming), and SKILL.md examples use an absolute user path (/home/aaron/...) while the scripts use relative __dirname. The skill executes git commands but 'required binaries' in the registry metadata list none — git (and Node.js) are de facto requirements and should be declared.
Instruction Scope
Runtime instructions and the CLI operate only on files inside the skill's editorial/ directory (claims, ledger, registry, timeline). The SKILL.md asks you to add a boot-check script to your AGENTS.md startup sequence and to set OPENCLAW_AGENT; the code reads that env var (falling back to USER). The instructions do not request remote endpoints or unrelated system files. Note: SKILL.md examples reference a specific home path which you should adapt to your environment.
Install Mechanism
This is an instruction-only skill with included scripts; there is no network download or package installation step. All code is local and uses Node.js built-ins and bash. That is lower risk than arbitrary installs.
Credentials
The skill does not declare or require secrets or external credentials. It uses OPENCLAW_AGENT or USER to identify the agent, which is reasonable for its purpose. No unrelated environment variables, keys, or config paths are requested.
Persistence & Privilege
The skill is not force-installed (always:false) and can be invoked by the agent. It writes state to files in its own editorial/ directory and runs local git commits (execSync). Because it performs git operations, if that editorial directory contains a .git repository with hooks, those hooks could execute arbitrary code during commits — inspect any included .git before use. The skill suggests adding a boot hook to AGENTS.md (user opt-in), which increases runtime frequency but is not automatic.
Assessment
This skill appears to do what it says: local, file-based coordination and an append-only ledger. Before installing:
1) Verify Node.js and git are available on the host (the metadata did not declare git but the scripts call git).
2) Inspect the skill directory, especially any .git directory, for suspicious git hooks or unexpected files — git commits in the skill will exercise those hooks.
3) Update any absolute paths in the docs (e.g., /home/aaron/...) to match your environment and ensure the AGENTS.md boot entry points to the correct location.
4) Decide whether you want the boot-check to run on every session (it only reads local state but will display editorial state at startup).
5) If you run this on a multi-user machine, confirm file permissions for the editorial/claims and .git directories to avoid cross-user surprises.
If you want higher assurance, run the scripts in a sandboxed workspace first and review the code (editorial.js and boot-check.sh) line-by-line — they are short and self-contained.
Like a lobster shell, security has layers — review code before you run it.
