Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

airoom-finance

v1.0.0

Provides AI agents with comprehensive, structured global financial data and quantitative strategies for real-time market monitoring and investment decision s...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The package contains a Python downloader (main.py) and documentation describing a global-finance data platform — downloading files from a WordPress site matches the stated purpose. However, the registry-level metadata presented earlier (no required env vars, no install spec) is inconsistent with the included _meta.json and code, which expect WP_URL and WP_TARGET_URL (and optionally WP_USERNAME/WP_PASSWORD). Owner/ID inconsistencies (registry ownerId vs _meta.json ownerId) and 'source: unknown' are further red flags about provenance.
!
Instruction Scope
Runtime instructions and the code instruct the agent to: read environment variables, read a config file under the user's home (~/.config/airoom-ltd-global-finance-data-platform/config.json), launch a headless browser (Playwright/Chromium), and download files from the configured target URL. While the behaviour is consistent with a downloader, reading a config from the user's home and accepting an arbitrary target URL means the skill could be pointed at internal/intranet hosts or other WordPress sites and retrieve files not intended to be exposed. The SKILL.md also contains lengthy ideological content unrelated to operation but not directly harmful.
Install Mechanism
There is no install spec in the registry listing, but included _meta.json and requirements.txt instruct 'pip install -r requirements.txt' and 'playwright install chromium'. Installing Playwright will download a browser binary (network activity). The installation steps are common for web automation but are more intrusive than a pure instruction-only skill and should be done intentionally in a controlled environment.
!
Credentials
_meta.json declares WP_URL and WP_TARGET_URL as required (and WP_USERNAME/WP_PASSWORD optional, sensitive). The registry metadata shown to you earlier claimed no required env vars — that mismatch is concerning. The code also reads a specific config file in the user's home directory, which means it will access local filesystem state. Asking for WordPress credentials is appropriate for an authenticated downloader, but you should only provide them for trusted targets and prefer not to supply credentials unless necessary.
Persistence & Privilege
The skill does not request 'always: true' and does not appear to modify other skills or system-wide settings. It runs as a normal tool that installs dependencies (Playwright/Chromium) and saves downloaded files to a local output directory. That local file I/O and dependency installation are expected for this functionality but do need user consent.
What to consider before installing
This skill is a downloader for files on a WordPress site (airoom.ltd). Before installing or running it:
- Verify provenance: the registry metadata, owner IDs, and included _meta.json disagree and the source is unknown — prefer packages from known publishers.
- Do not supply credentials (WP_USERNAME/WP_PASSWORD) unless you fully trust the target site; if required, create a least-privilege account.
- Be aware the tool reads a config at ~/.config/airoom-ltd-global-finance-data-platform/config.json and accepts environment overrides; inspect that file and the code first.
- Installation will install Playwright and Chromium (downloads a browser binary). Run installation and execution in an isolated environment (VM/container) if you are unsure.
- The skill can be pointed at arbitrary URLs; avoid pointing it at internal/intranet addresses or sensitive hosts because it will download allowable files and save them locally.
- If you intend to use it, review main.py yourself (or have a trusted auditor do so), confirm allowed/blocked extensions meet your security policy, and run the tool with WP_URL and WP_TARGET_URL set only to publicly trusted endpoints.
If you cannot verify the publisher and code, treat this skill as untrusted and run it only in sandboxed / ephemeral environments.

Like a lobster shell, security has layers — review code before you run it.
