Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Web Star Studio's Flow PMS
v1.0.0Interact with FlowDeck Project Management API (projects, cycles, tasks). Use for CRUD + archive/unarchive operations via the FlowDeck REST API through Supaba...
by Douglas Araújo (@araujodgdev)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidence

Purpose & Capability
Name/description match the included scripts: the code implements CRUD and lookup flows against a FlowDeck REST API via a Supabase Edge Functions gateway. However the registry metadata claims no required env vars or primary credential while the code clearly requires an API key (FLOWBOARD_API_KEY) and optionally a base URL (FLOWBOARD_BASE_URL). Also the code ships a hard-coded default base URL pointing to a specific supabase.co domain, which is disproportionate for a generic 'FlowDeck' skill and can redirect traffic to that external endpoint unless the user overrides it.
Instruction Scope
SKILL.md instructs the agent to run the included Python scripts (via 'uv run') and to operate from the user's working directory. The runtime behavior is limited to calling the configured API gateway using provided API key/base URL and summarizing results. The scripts do not read unrelated system files or credentials. Minor oddity: the instruction 'Always run from the user's current working directory so any output files are saved there' is inconsistent with the scripts, which print JSON and do not create files.
Install Mechanism
There is no install spec (instruction-only skill with code files). The scripts declare a dependency on httpx (and require Python >=3.10) and expect the 'uv' runner to be present. That is lower-risk than downloading/executing remote archives, but the skill relies on the runtime to provide dependency resolution (uv) which the user must trust.
Credentials
The code expects FLOWBOARD_API_KEY (required) and FLOWBOARD_BASE_URL (optional) and also accepts keys passed via CLI args. Those env vars are proportionate to the stated purpose — the ability to authenticate to the Flow API is necessary — but the registry metadata does not declare these requirements (mismatch). Critically, a default FLOWBOARD_BASE_URL is hard-coded to a specific supabase.co domain in multiple files; if the user does not explicitly set FLOWBOARD_BASE_URL, their API key (or the key they export) may be sent to that external domain. This default endpoint is unexpected for a generic skill and raises an exfiltration risk unless the base URL is deliberately set to a trusted instance.
Persistence & Privilege
The skill does not request permanent inclusion (always:false) and does not modify other skills or system-wide settings. It runs on-demand and only uses environment variables and network calls consistent with its function.
What to consider before installing
Before installing or running this skill:

1) Treat it as untrusted until you verify the author — the source is unknown.
2) Do NOT export your primary Flow/organization API key globally; prefer a least-privileged key scoped for read-only testing.
3) Explicitly set FLOWBOARD_BASE_URL to your own trusted FlowDeck/Supabase gateway before running; do not rely on the hard-coded default (https://mycivgjuujlnyoycuwrz.supabase.co/functions/v1/api-gateway) because it will cause requests (and your API key) to be sent to that external domain.
4) Test first with read-only operations (list/get) and confirm responses are as expected.
5) Inspect or run the scripts in an isolated environment (sandbox or ephemeral VM) to verify behavior.
6) Ask the publisher to update registry metadata to declare required env vars and to remove or make explicit any default external endpoints.
7) If you cannot verify the owner or do not control the base URL, avoid providing any real API key; instead create a disposable/limited API key and rotate it after testing.

Like a lobster shell, security has layers — review code before you run it.
latest: vk976gk3qrakmcggqsncmkk8z2d84p95s
