Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

PsyClaw Intake 5Clinic

v0.1.0

Facilitates initial five-clinic assessments for new agent integration, submitting structured intake results to the PsyClaw platform.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
! Purpose & Capability
The name/description say this skill performs a five-clinic intake and submits results to the PsyClaw platform, which is coherent. However, the skill metadata declares no required environment variables or config paths, yet the runtime docs reference an API base URL, a PsyClaw API key, and a local credentials.json. Requiring those without declaring them is disproportionate to the metadata and inconsistent.
! Instruction Scope
SKILL.md and intake_5clinic.md instruct the agent to: read the local intake_5clinic.md, construct a structured JSON with assessment data (potentially sensitive), and run a curl POST to $AGENT_PLATFORM_BASE_URL using a 'psy' API key. The instructions implicitly require access to an API key and possibly a local credentials file (.agents/.../credentials.json) but do not explicitly constrain what files or data to include. That omission expands scope and risk (sensitive data exfiltration) without clear limits.
Install Mechanism
This is an instruction-only skill (no install/specs, no code files). The only install guidance is an npx clawhub update/install command for a related 'psyclaw-openclaw-health' skill; that is reasonable and not itself an installer payload in this skill bundle.
! Credentials
Metadata lists no required env vars or primary credential, yet the submission command uses $AGENT_PLATFORM_BASE_URL and requires a 'psy' API key in an Authorization header. The intake doc also suggests a local credentials.json path. Asking for secret credentials and local config without declaring them is disproportionate and makes it unclear what will be transmitted.
Persistence & Privilege
The skill is not always-enabled and does not request elevated persistence. Autonomous invocation is allowed by default but not combined with other privilege escalations in this bundle.
What to consider before installing
This skill will ask the agent to assemble potentially sensitive assessment data and POST it to an external PsyClaw endpoint, but the package metadata fails to declare the API base URL or API key it needs. Before installing or invoking:
1) Confirm the exact AGENT_PLATFORM_BASE_URL and verify you trust that endpoint and its operator.
2) Do not reuse high-privilege API keys—create a scoped key with minimal permissions if possible.
3) Inspect the referenced 'psyclaw-openclaw-health' skill (or the local .agents/.../credentials.json) to see what credentials it stores and whether those are appropriate to share.
4) Consider running the skill in a sandboxed environment and review the generated JSON before any automatic POST; prefer manual submission if you cannot verify the endpoint and credential scope.
5) Ask the publisher to update the skill metadata to explicitly declare required env vars (AGENT_PLATFORM_BASE_URL, PSY_API_KEY or similar) and any config paths so you can make an informed decision.
