ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Grok Research

v1.0.0

Crypto research via Grok model's real-time X/Twitter knowledge. Forwards the user's query as-is to Grok API — no prompt injection, no context bloat. Use when...

0· 672·5 current·6 all-time
bypollo@arespollo
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's code and SKILL.md align with the stated purpose: it forwards user queries to a remote Grok API and returns the model output. However the description claims 'real-time X/Twitter knowledge' (an external capability of the Grok service) but the skill itself does not access X/Twitter — it only proxies to the ai.a9.bot endpoint. This claim therefore depends entirely on the remote service, not on the skill. Also the top-of-file comment references a different env var name (GROK_API_KEY) than the rest of the repo and SKILL.md (A9_GROK_API_KEY), which is an inconsistency.
Instruction Scope
SKILL.md instructs the agent to forward the user's message 'as-is' to the Grok API and the code does exactly that. That means any prompt-injection content in user input will be forwarded to the external API — the marketing claim 'no prompt injection' is misleading: the skill avoids adding prompts, but does not sanitize or block injected content. The SKILL.md also suggests running the script with bun, but the declared required binaries list is empty (see install mech). The code does not read local files, other env vars, or configurations beyond the API key.
!
Install Mechanism
There is no explicit install spec (instruction-only), which reduces risk, but the script requires the 'bun' runtime (shebang and usage examples). The registry metadata lists no required binaries — that is an inconsistency and may lead to runtime surprises. No external downloads or archives are used.
Credentials
Only a single API credential (A9_GROK_API_KEY) is required, which is proportionate to the stated purpose. Caveat: the source owner and homepage are unknown and the destination host (https://ai.a9.bot) is not documented in registry metadata; supplying your API key will send user queries to that third-party endpoint.
Persistence & Privilege
The skill does not request persistent installation privileges (always:false), does not modify other skills or system settings, and contains no install hooks. It runs as a simple proxy CLI when invoked.
What to consider before installing
This skill will forward whatever the user types to an external API at https://ai.a9.bot/v1 using the A9_GROK_API_KEY you provide — so do not send secrets or sensitive data through it. Confirm the domain and API provider are legitimate before adding your key. The package expects the 'bun' runtime but the registry metadata doesn't declare this; ensure bun is available. Note the SKILL.md claims 'no prompt injection' but the code forwards user input unchanged (it does not sanitize). Also there is a small env-name mismatch in the file comment versus SKILL.md/code (GROK_API_KEY vs A9_GROK_API_KEY). If you need higher assurance, ask the publisher for provenance (source repo/homepage), verify the ai.a9.bot service, and run the script in a controlled environment with a throwaway API key first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c0few14kbgf8cr7b60g1gq181rz4p

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments