Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Pub Brave
v1.0.0
Web search and content extraction via Brave Search API. And also 50+ models for image generation, video generation, text-to-speech, speech-to-text, music, ch...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill name/description claim 'Brave Search' / 'Brave Search API', but the SKILL.md shows calls to https://api.heybossai.com/v1 (SkillBoss) and documents 50+ models across many providers. That mismatch between advertised provider (Brave) and actual endpoints is incoherent and could be misleading.
Instruction Scope
Runtime instructions are concrete curl examples against heybossai endpoints and model IDs; they do not instruct reading unrelated files or other env vars. However the top of SKILL.md lists allowed-tools 'Bash, Read' (Read could permit file reads), so confirm the agent will not be allowed to read arbitrary files if you are concerned. No data-exfiltration steps are present in the visible instructions, but the documented use of a single aggregator key means external network calls will be made to a third-party service.
Install Mechanism
This is instruction-only with no install spec or code files to execute. That lowers install-time risk because nothing is downloaded or written automatically.
Credentials
Only SKILLBOSS_API_KEY is required and declared, which matches the SKILL.md examples. The concern is that the skill advertises Brave Search but only asks for the aggregator key (SKILLBOSS_API_KEY) — if you expected Brave, this is inconsistent. Also, a single aggregator key may grant far broader access (many models/providers) and could incur charges or transmit data to the aggregator; there is no homepage or publisher documentation to verify scope or security.
Persistence & Privilege
always is false and the skill does not request persistent/privileged presence or modify other skills or system-wide settings.
What to consider before installing
Do not install or provide secrets until you verify the provider and intent. Specific steps:
1) Confirm whether you actually want 'Brave Search' or an aggregator — ask the skill author to explain why the skill advertises Brave but uses https://api.heybossai.com.
2) Verify the origin of SKILLBOSS_API_KEY (who issues it, what permissions/quotas it grants, billing, data retention, and privacy policies for heybossai).
3) If you test, use a limited-scope or throwaway key and monitor network/billing activity.
4) Consider whether you trust an unknown owner ID with a single key that can access many downstream models/providers.
5) If you need only Brave Search, prefer a skill that explicitly uses Brave endpoints and requires the expected BRAVE_API_KEY.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
Env: SKILLBOSS_API_KEY
Primary env: SKILLBOSS_API_KEY
