Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Security Sentinel

v1.0.1

Scan the workspace for security vulnerabilities, exposed secrets, and misconfigurations.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description match the behavior: both index.js and scan.js scan files, check permissions, and run dependency checks. The skill does not request unrelated credentials or system-level config paths. Minor note: package.json declares fs-extra and glob even though the included code uses only built-in modules; this is likely harmless leftover metadata.
Instruction Scope
SKILL.md instructs running index.js, and the code implements dependency audit, secret detection, and permission checks. Both files operate only on the workspace (process.cwd()). Inconsistency: scan.js explicitly skips files ending in '.env' (it continues when file.endsWith('.env')), but index.js claims to include '.env' in the permission checks and SKILL.md advertises secret detection in files including .env. The scanner may therefore intentionally avoid reading .env contents while still checking its permissions. This is scope-related behavior you should be aware of: it could miss secrets stored exclusively in .env.
Install Mechanism
No install script or external download. This is an instruction+source bundle (no network install). package-lock.json and package.json are present but no installation steps are required by the SKILL.md — low install risk.
Credentials
Requires no environment variables or credentials. The code reads repository files (expected for a scanner) and runs a local npm audit. It does not exfiltrate secrets, call external endpoints, or access unrelated credentials.
Persistence & Privilege
The 'always' flag is false, and the skill does not modify other skill or system configs. It does not write persistent data or enable itself automatically. It prints results to stdout (CI-friendly) but does not store tokens or change agent settings.
Assessment
This skill appears to do what it says: it reads workspace files to look for secrets, runs npm audit, and checks permissions. Before installing or running it, consider: 1) it will read many files in your workspace (so don't run it in environments with extremely sensitive files you don't want scanned); 2) index.js spawns 'npm audit' which may perform network activity via npm (expected for dependency checks); 3) scan.js intentionally skips .env file contents (but still checks .env file permissions) — if you expect .env secret detection, this is a gap; 4) the scanner prints matches to stdout, which could surface secrets in logs/CI; treat its output as sensitive. If you are comfortable with those behaviors, the skill is coherent with its description.
