ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Nm Conjure Gemini Delegation

v1.0.0

Gemini CLI delegation workflow implementing delegation-core for Google's

0· 11·1 current·1 all-time
by@athola
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill's name and description describe Gemini CLI delegation and the SKILL.md implements that flow, which is coherent. However the registry metadata declares no required binaries while the runtime instructions assume the 'gemini' CLI is installed and authenticated — a mismatch that should have been declared. The declared config path 'night-market.delegation-core' is consistent with the described delegation-core integration.
!
Instruction Scope
SKILL.md instructs the agent to run gemini CLI commands that include file-inclusion patterns (e.g. @path, @src/**/*.py) and to run auth/status commands. That means at runtime the agent may read and send local file contents to Gemini. It also references a local hook script (~/conjure/hooks/gemini/status.sh). The instructions mention an environment variable (GEMINI_API_KEY) and interactive auth flows not declared in metadata. These behaviors expand scope beyond a simple 'formatter' and could lead to exfiltration of sensitive local data if used carelessly.
Install Mechanism
No install spec and no code files are included (instruction-only). This minimizes direct code-install risk; nothing will be downloaded or written by an installer. Runtime risk comes from executing local CLI commands described in the instructions, not from an installer.
!
Credentials
Registry metadata declares no required environment variables or primary credential, but the instructions explicitly show using GEMINI_API_KEY and commands like 'gemini auth login'. The omitted declaration of this credential is an inconsistency: the skill will realistically need a Gemini API key or an authenticated CLI to work. The single declared config path (night-market.delegation-core) is reasonable for integration, but the missing env declaration reduces transparency.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or persistent presence. It does not modify other skills or system-wide config in the provided instructions.
What to consider before installing
This skill is instruction-only and will make your agent run the 'gemini' CLI with file-inclusion patterns. Before installing: 1) Confirm you have the gemini CLI and that the publisher explicitly lists it as a required binary (the registry currently does not). 2) Treat GEMINI_API_KEY as sensitive — the SKILL.md references it but it isn't declared in metadata; avoid exposing production or high-privilege keys. 3) Be careful with prompts that include '@path' or globs: they can cause local files (including secrets) to be sent to Gemini. 4) Verify any referenced local hooks (e.g., ~/conjure/hooks/gemini/status.sh) so you know what they do. If you want higher assurance, ask the publisher to (a) declare the gemini binary and required env vars in metadata, (b) document exactly which files the skill will read/send, and (c) provide a minimal example using a temporary/limited test key before granting access to real credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dp9fe4dyb2h3p2d84qpg8v584nrt2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🦞 Clawdis
Confignight-market.delegation-core

Comments