Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Osop Review

v1.2.0

Review .osop/.osoplog for security risks, permission gaps, and destructive commands

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to review .osop/.osoplog files for security issues — that matches the SKILL.md instructions. However the registry metadata requires access to ~/.osop/config.yaml and the bash binary even though the runtime instructions only say to read the provided target file and do an analysis. The config file requirement is not explained in the instructions and could grant access to unrelated persistent configuration or credentials.
Instruction Scope
SKILL.md instructions are narrowly scoped to: read the argument file (.osop or .osoplog), detect risky nodes/commands/secrets, compute a risk score, and present findings. The instructions do not tell the agent to read other files or environment variables, nor to transmit data externally.
Install Mechanism
This is an instruction-only skill with no install spec and no code files — lowest-risk install profile. Nothing is written to disk by an installer.
Credentials
No environment variables or credentials are requested (good). But the declared required config path (~/.osop/config.yaml) is not referenced in SKILL.md. Requesting a user config file without explaining why is disproportionate: that file could contain tokens or global settings unrelated to the single-file review.
Persistence & Privilege
The skill is not always-enabled and does not request persistent privileges. It is user-invocable and allows model invocation (normal). There is no evidence it modifies other skills or system-wide settings.
What to consider before installing
This skill appears to do what it says (analyze .osop/.osoplog contents) but asks for access to ~/.osop/config.yaml and declares bash as required without justifying either. Before installing or running it:

- Ask the skill author why ~/.osop/config.yaml is required and what data from it will be read. If the skill needs config context, it should state that in SKILL.md and explain exactly which keys are used.
- Confirm whether the skill will actually read the config path or only the argument file. If uncertain, run the skill on a copy of your .osop/.osoplog in a sandbox or with a wrapper that prevents reading ~/.osop.
- Verify the bash requirement: if the skill is purely a file analyzer, it shouldn't need a shell binary. Prefer a skill that lists only the minimal dependencies.
- When running, avoid supplying real secrets or production logs; test first with redacted samples.

If the author updates SKILL.md to explicitly explain the use of ~/.osop/config.yaml (or removes that requirement) and documents any shell commands it runs, the assessment would likely move to benign. If the skill actually reads the config for tokens or other secrets without clearly declaring that, treat it as high-risk and do not install.

Like a lobster shell, security has layers — review code before you run it.



Runtime requirements

Bins: bash
Config: ~/.osop/config.yaml
