Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Openclaw Migration

v0.1.0

Migrate a user's OpenClaw customization footprint into Hermes Agent. Imports Hermes-compatible memories, SOUL.md, command allowlists, user skills, and select...

by Agung Prabowo (@agungprabowo123)

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name and description match the actions present in the code: it reads ~/.openclaw, converts SOUL.md/MEMORY.md/USER.md, copies skills into ~/.hermes/skills/openclaw-imports/, merges allowlists, and writes to Hermes config/.env. These filesystem and config operations are expected for a migration helper. However, the SKILL.md text states that only TELEGRAM_BOT_TOKEN is allowlisted for --migrate-secrets, while the script's SUPPORTED_SECRET_TARGETS includes many provider keys (OpenAI, Anthropic, ElevenLabs, OpenRouter, etc.). That discrepancy is significant and unexplained.
Instruction Scope
The SKILL.md instructs dry runs and interactive prompts and constrains path resolution; the script follows that pattern and provides flags and conflict modes. But the runtime behavior includes reading and writing sensitive files (.env, config.yaml), copying entire skill directories, and archiving files from ~/.openclaw. Those actions are within migration scope but are also high-impact: they touch credentials and global Hermes config. The mismatch about which secrets may be migrated increases risk because users might enable secret migration without realizing provider API keys will be imported.
Install Mechanism
There is no remote install step or external download: this is an instruction-only skill with an included Python script. No network fetches or obscure installers are present. The script will be placed on disk as part of skill installation (normal for instruction-with-script skills).
Credentials
The skill declares no required env vars, which is fine, but the code includes a SUPPORTED_SECRET_TARGETS set that covers many sensitive API tokens (OPENAI_API_KEY, ANTHROPIC_API_KEY, ELEVENLABS_API_KEY, OPENROUTER_API_KEY, etc.) and offers a --migrate-secrets flow. The SKILL.md downplays this by mentioning only TELEGRAM_BOT_TOKEN in the top-level text; the code shows broader secret handling. Migrating provider keys into Hermes .env is sensitive and should be explicit to the user.
Persistence & Privilege
The script will write into ~/.hermes (skills directory, tts, config.yaml, and .env) and can overwrite or rename existing items (it supports conflict modes: skip/overwrite/rename and will backup). That level of persistent modification is expected for a migration tool, but it is privileged: it modifies other skill areas and global agent config. The SKILL.md promises interactive choices and dry runs, but users must ensure they complete those prompts and verify backups before allowing write operations.
What to consider before installing
This skill mostly does what it claims (migrates OpenClaw data into Hermes), but review before running:

1) Run a dry-run first (hermes claw migrate --dry-run) and inspect the produced report.
2) Inspect the included script (scripts/openclaw_to_hermes.py) yourself: it will read ~/.openclaw and write to ~/.hermes, including config.yaml and .env.
3) Do not enable secret migration (--migrate-secrets) unless you understand exactly which keys will be moved: the SKILL.md mentions only TELEGRAM_BOT_TOKEN, but the script supports importing many provider API keys (OpenAI, Anthropic, ElevenLabs, OpenRouter, etc.).
4) Back up your ~/.hermes and any important files beforehand (the tool will attempt backups, but a manual copy is safer).
5) If you plan to let the agent run this interactively, ensure the clarify tool will be used for decisions (per SKILL.md) and confirm each conflict resolution choice.
6) If anything is unclear, run the script locally from a copy of your ~/.openclaw, or ask the skill author to clarify which secrets are migrated and to limit the scope.


Latest version id: vk979csgpv9ffcqnp125ajbdbrn82v4ak
