Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ROCm vLLM Deployment

v1.0.0

Production-ready vLLM deployment on AMD ROCm GPUs. Combines environment auto-check, model parameter detection, Docker Compose deployment, health verification...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to prepare and report on vLLM deployments and includes two helper scripts that match that scope (environment check and report generation). However the registry metadata declares no required env vars while the SKILL.md and scripts clearly expect HF_TOKEN and HF_HOME (optional). There is also a small inconsistency: SKILL.md advises sourcing ~/.bash_profile but check-env.sh actually sources ~/.bashrc.
!
Instruction Scope
check-env.sh sources the user's ~/.bashrc (executing arbitrary shell code from the user's rc file) and will create ~/.bashrc if missing. Both check-env.sh and generate-report.sh echo a truncated HF_TOKEN (first 10 characters) into stdout/logs and the generated report, which means sensitive token material can be written into deployment logs and DEPLOYMENT_REPORT.md under $HOME/vllm-compose/<model-id> — a potential secret-leakage risk. Aside from that, the scripts do not perform network calls or write to unexpected remote endpoints.
Install Mechanism
Instruction-only skill with no install spec and no external downloads. The scripts live in the skill directory and nothing in the manifest creates or executes external installers — low install risk.
!
Credentials
Requesting HF_TOKEN and HF_HOME is appropriate for interacting with HuggingFace models, but the skill/README/manifest mismatch (registry says no required env vars) is confusing. More importantly, the scripts log the token prefix and include token status in generated reports, which is disproportionate handling of a secret. The skill does not ask for unrelated credentials.
Persistence & Privilege
The skill does not request elevated platform privileges or set always:true. It does write under $HOME/vllm-compose/<model-id>/ and will touch/create ~/.bashrc if absent — this is modest persistence in the user's home directory and should be expected for a deployment helper but is worth noting.
What to consider before installing
This skill appears to be a deployment helper and is not obviously malicious, but exercise caution before running it on a sensitive system. Specific actions to consider:

1) Inspect scripts locally (you already have them) before executing.
2) Avoid putting long-lived HF tokens in shell rc files; prefer ephemeral environment variables or a protected .env file with strict permissions.
3) Be aware check-env.sh will source ~/.bashrc (it will execute code from your rc file) and may create an empty ~/.bashrc if missing — run it in a controlled shell first or review/sanitize your rc file.
4) The scripts log the HF_TOKEN prefix and include status in reports stored under $HOME/vllm-compose — treat those files as sensitive.
5) If you want stronger assurance, ask the publisher for a full deployment workflow (the skill includes env-check and report generation but no deployment steps in these scripts) and confirm there are no external network endpoints or installers.

If you plan to use this in production, prefer running on an isolated machine or container and store tokens in a secrets manager rather than in shell rc files.

Like a lobster shell, security has layers — review code before you run it.

Tags: amd, deployment, gpu, latest, rocm, vllm
