Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Algernon Debate
v1.0.0Design trade-off debate mode for OpenAlgernon. Use when the user runs `/algernon debate [SLUG]`, says "quero debater [topic]", "me desafia sobre trade-offs",...
⭐ 0· 106·0 current·0 all-time
byAntonio V. Franco@antoniovfranco
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill claims to run a debate mode, but the SKILL.md hard-codes DB=/home/antonio/.../vestibular.db and NOTION_CLI=~/go/bin/notion-cli and runs sqlite3 against that DB. The registry metadata lists no required config paths, binaries, or env vars — this is inconsistent and suggests the skill expects access to a specific user's local files.
Instruction Scope
Runtime instructions tell the agent to read a local SQLite DB, run shell commands (sqlite3) to select cards, append content to a Notion page via notion-cli, and append to a conversation log. These actions access local files and transmit content externally (Notion) but none of those accesses are declared in the skill metadata or justified by the description.
Install Mechanism
There is no install spec (instruction-only), which is low-install-risk. However, the instructions implicitly require sqlite3 and a user-installed notion-cli at ~/go/bin/notion-cli; those dependencies are neither declared nor ensured, creating a hidden dependency and operational surprise.
Credentials
The skill declares no required environment variables or credentials, yet the Notion append step requires a PHASE_PAGE_ID and notion-cli will need Notion credentials; the DB path points to a specific home directory. This mismatch could cause the agent to access sensitive local data or require supplying unrelated credentials without transparent justification.
Persistence & Privilege
The skill is not set to always:true and is user-invocable only, which is appropriate. Note: model invocation is enabled (platform default), but that alone is not a concern here; the main issue is undeclared data access in the instructions.
What to consider before installing
Before installing, verify and fix these inconsistencies: (1) The SKILL.md references a hard-coded local DB in /home/antonio — confirm whether the skill should access your files and change it to a configurable path or remove it. (2) The skill calls ~/go/bin/notion-cli and uses PHASE_PAGE_ID but declares no required binaries or env vars — require explicit environment variables (e.g., NOTION_PAGE_ID, NOTION_TOKEN) and document installation steps. (3) Decide whether you want the agent to read local databases and write to external services; if not, do not install. (4) If you do install, run it in a sandboxed account or container, inspect and edit SKILL.md to remove personal paths and to make all external calls explicit, and ensure notion-cli and sqlite3 are intended and safe. (5) If you cannot verify provenance of the skill (source unknown), prefer not to install or request a version with no hard-coded personal paths and clear declarations of required credentials.Like a lobster shell, security has layers — review code before you run it.
latestvk9743z5wh97sgvtw4vqa4bb9r9833b08
License
MIT-0
Free to use, modify, and redistribute. No attribution required.