ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

RunPod pod management

v1.0.1

Manage RunPod GPU cloud instances - create, start, stop, connect to pods via SSH and API. Use when working with RunPod infrastructure, GPU instances, or need SSH access to remote GPU machines. Handles pod lifecycle, SSH proxy connections, filesystem mounting, and API queries. Requires runpodctl (brew install runpod/runpodctl/runpodctl).

0· 1.3k·3 current·3 all-time
by@andrewharp
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The skill is focused on RunPod pod lifecycle and SSH/SSHFS mounting. The SKILL.md and the mount script implement that functionality (calling runpodctl, using SSH keys, sshfs). However, the registry metadata declares no required binaries/env vars even though the instructions require runpodctl, ssh, and sshfs/fusermount; this appears to be an oversight rather than malicious mismatch.
Instruction Scope
Instructions are limited to RunPod operations: installing runpodctl, configuring an API key via runpodctl, managing SSH keys, and mounting pods via the included script. The script reads/writes SSH key and known_hosts files under ~/.runpod or ~/.ssh (expected for SSH/sshfs). It does parse runpodctl output (grep -oP) which is brittle and may fail on systems where grep lacks -P support; otherwise there is no scope creep (no unrelated system-wide reads or exfil endpoints).
Install Mechanism
This is an instruction-only skill with a small helper script; there is no install spec or remote download, so nothing arbitrary is written to disk by an installer. The included shell script is the only code and its behavior is visible.
Credentials
The skill declares no required environment variables or credentials, but the SKILL.md asks users to run 'runpodctl config --apiKey' (so an API key is required for RunPod use) and documents optional env vars RUNPOD_SSH_KEY and RUNPOD_KNOWN_HOSTS used by the script. The lack of declared required creds in metadata is a minor inconsistency but not an indication of hidden credential access.
Persistence & Privilege
The skill does not request permanent always-on inclusion and does not modify other skills or system-wide agent settings. The script will create directories under your home and write a per-skill known_hosts file (expected for SSH/sshfs usage).
Assessment
What to check before installing: 1) This skill expects runpodctl, ssh, sshfs (FUSE) and a RunPod API key — the registry metadata doesn't list those binaries, so make sure you have them and trust runpodctl's source. 2) The mount script will read your SSH private key (from ~/.runpod/ssh/ or a path you set via RUNPOD_SSH_KEY) and write a known_hosts file under ~/.runpod/ssh/; mounting gives the remote root filesystem access to your local mountpoint — only mount pods you trust. 3) The script parses runpodctl output using grep -P (Perl regex); this may be non-portable on some systems (macOS grep may not support -P). 4) Host key handling uses StrictHostKeyChecking=accept-new (it will accept new host keys automatically and store them in the skill’s known_hosts file) — be aware of the security tradeoff. If you’re comfortable with these points and trust RunPod/runpodctl, the skill appears coherent. If unsure, inspect runpodctl and run the mount script in a sandboxed environment first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97b6qfe56yynxq7q3gtj81g9h80sk9g

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments