Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Insecure Defaults Detection
v1.0.0
Detects fail-open insecure defaults (hardcoded secrets, weak auth, permissive security) that allow apps to run insecurely in production. Use when auditing security, reviewing config management, or analyzing environment variable handling.
⭐ 0 · 2.2k · 8 current · 8 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign (high confidence)
Purpose & Capability
Name/description match the actual instructions: the skill is an auditing checklist and search/verification workflow for insecure defaults. It does not ask for unrelated credentials, binaries, or system-level access.
Instruction Scope
SKILL.md instructs the agent to discover project language/frameworks, search repository paths (config/, auth/, database/, env files), grep for patterns, and trace code paths. This is appropriate for a security audit, but the instructions assume the agent can read project files and run shell/grep commands (allowed-tools include Read and Bash) — which means the agent will see any secrets present in the repository. There are no instructions to exfiltrate data or contact external endpoints.
Install Mechanism
Instruction-only skill with no install spec and no code files. No downloads or packages are installed, so there is minimal install risk.
Credentials
The skill requires no environment variables, credentials, or config paths. The SKILL.md refers to inspecting repo files and (optionally) production configs, which is consistent with its purpose; it does not request unrelated secrets.
Persistence & Privilege
The always flag is false and the skill is user-invocable. It does not request persistent system presence or modification of other skills or system-wide settings.
Assessment
This is an instruction-only auditing checklist that will read repository files and run search/trace operations (grep/Bash). It does not request credentials or install code. Before installing: (1) review the SKILL.md/examples to ensure its checks align with your environment and won't generate noise; (2) be aware the agent will be able to view any secrets present in the codebase while performing the audit; and (3) only enable autonomous invocation if you trust the agent's access level to your projects.
Like a lobster shell, security has layers — review code before you run it.
Tags: audit, latest, security, trailofbits
