Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Dirs Submit
v1.0.2
CLI tool for the `ship` command wrapping aidirs.org and backlinkdirs.com submission APIs. Use when the user needs to login, submit a URL, preview site metada...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
The skill claims to wrap two directory submission APIs and the instructions only reference the ship CLI, the two sites (aidirs.org and backlinkdirs.com), local token storage, and API endpoints for submit/fetch. There are no unrelated credentials, binaries, or paths requested.
Instruction Scope
SKILL.md directs the agent to run the ship CLI, open a browser for OAuth-style login, start a localhost callback to receive tokens, and read/write ~/.config/ship/config.json. It also instructs checking GitHub releases and performing self-update downloads. These actions are within scope for a CLI that logs in, stores tokens, submits URLs, previews metadata, and self-updates — but reading/writing the token config and fetching remote release assets are notable behaviors the user should be aware of.
Install Mechanism
The registry entry has no formal install spec (instruction-only), but README suggests installing via a curl | bash installer hosted on raw.githubusercontent.com and README/self-update behavior relies on GitHub release assets. Fetching scripts or binaries from GitHub releases is common, but it is a network-download install method (moderate risk). There is no evidence of obscure or malicious hosts in the provided text.
Credentials
No required environment variables are declared. The skill documents optional fallbacks (DIRS_TOKEN and DIRS_BASE_URL) which are appropriate for a CLI that can use either stored tokens or env-provided token/base URL. The only config path is ~/.config/ship/config.json where tokens are stored; this is proportionate to the stated purpose.
Persistence & Privilege
always:false (normal). The CLI will persist tokens to ~/.config/ship/config.json and supports a self-update that replaces the local executable with a downloaded release asset. Persisting its own config is expected; self-updating (replacing the binary) is functionally coherent but raises the usual caution: downloaded update code executes with the user's privileges.
Assessment
This skill appears to do what it says: it wraps the ship CLI to log in (browser OAuth), store tokens in ~/.config/ship/config.json, submit/fetch URLs, and self-update from GitHub releases. Before installing or using it, inspect any install script (the README suggests curl | bash from raw.githubusercontent.com) and the release assets the tool downloads for updates. Be aware the tool will store bearer tokens on disk and can replace its own executable during self-update — if you run the installer or self-update, ensure the source repo and releases are trustworthy. If you are uncomfortable, run ship commands manually after reviewing the install.sh, or create a dedicated environment/user account and revoke tokens if you later suspect misuse.
Like a lobster shell, security has layers — review code before you run it.
