Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Blackbox

v0.1.0

Delegate coding tasks to Blackbox AI CLI agent. Multi-model agent with built-in judge that runs tasks through multiple LLMs and picks the best result. Requir...

by Agung Prabowo (@agungprabowo123)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
[!] Purpose & Capability
The skill's stated purpose (delegate coding tasks to the Blackbox CLI) is plausible, but the registry metadata lists no required binaries or credentials while the SKILL.md clearly requires Node.js, the @blackboxai/cli, and a Blackbox API key (and implicitly the GitHub CLI for the PR example). The declared requirements in the registry do not align with what the instructions actually need.
Instruction Scope
The SKILL.md instructs the agent to run shell commands (npm install -g, git clone, mktemp, git/gh operations), start interactive and background CLI sessions, clone arbitrary repositories, and run the Blackbox agent against project code. Those actions match the coding-agent purpose but grant the agent the ability to download, modify, and execute code in arbitrary workdirs; the instructions do not constrain or sandbox that behavior.
Install Mechanism
There is no install spec in the registry (instruction-only), but the runtime instructions explicitly tell the agent to install the CLI via npm or from a GitHub repo. Installing a global npm package or cloning/executing code from GitHub is higher-risk than a pure instruction-only skill and should be acknowledged by the metadata; the absence of an install declaration is an inconsistency.
[!] Credentials
SKILL.md requires a Blackbox API key (and suggests running `blackbox configure`) but the registry lists no required environment variables or primary credential. The PR review example uses `gh pr checkout` which implies need for GitHub CLI and auth but those are not declared either. Required credentials and tools are not proportionately or transparently declared.
Persistence & Privilege
The skill does not request forced persistence (always: false) and does not attempt to modify other skills or system-wide agent settings in the instructions. Background sessions and process polling are part of normal agent operation and are documented in the SKILL.md.
What to consider before installing
This skill's instructions will install and run the Blackbox CLI, require a Blackbox API key, and ask the agent to run arbitrary shell commands (git, npm, gh, cloning repositories, executing code). Before installing or invoking it:
(1) verify you trust the Blackbox CLI source (GitHub repo and npm package) and prefer installing that CLI yourself instead of letting the agent do it automatically;
(2) do not provide secrets (API keys) unless you trust the skill and understand where they will be stored;
(3) run the agent in a sandbox or isolated workdir (container, VM, or temp dir) to avoid unintended code execution on important projects;
(4) note the SKILL.md and registry metadata disagree — ask the author to update registry fields to declare required binaries and credentials (Node.js, @blackboxai/cli, Blackbox API key, optionally GitHub CLI) before proceeding.

Like a lobster shell, security has layers — review code before you run it.
