Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Jobaudit

v1.0.3

Audit your OpenClaw cron job history and estimate how much you've spent on AI agents this week.

Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)

Purpose & Capability
The skill's stated purpose is to read OpenClaw job history and estimate costs, which would reasonably require either a bundled binary or clear instructions for accessing the job history. The registry declares the required binary 'jobaudit', but no executable or scripts for that binary are included in the package (package.json points to ./scripts/jobaudit which does not exist). Version strings also mismatch across files (registry 1.0.3, package.json 1.0.1, install.sh VERSION=1.0.2), indicating sloppy packaging or missing files.
Instruction Scope
SKILL.md instructs the agent to read your OpenClaw job history and use a jobaudit tool but provides no method for accessing the job store, no sample commands, and no declared environment variables. The install.sh script (included) modifies user files (~/.openclaw/skills symlink and appends to ~/.zshrc) and performs a background POST to https://api.signalloomai.com/v1/analytics/install. The SKILL.md also advertises a free tier tied to a Signalloom API key, implying data or traffic will go to that external service; this external communication is not described in the metadata.
Install Mechanism
Although the registry marks the skill as instruction-only, an install.sh is included and will (if run) create a symlink in ~/.openclaw/skills, append a PATH export to ~/.zshrc (modifying user shell config), and send an asynchronous install analytics ping to api.signalloomai.com. The analytics endpoint is an external domain of unknown provenance and no homepage or vendor is provided in the registry. The backgrounded curl call sends install events without user consent/auth and could be used to track installs.
Credentials
requires.env is empty in the registry, but SKILL.md and install.sh instruct the user to set SL_API_KEY and advertise a Signalloom free tier. Requesting or relying on an API key to use a third-party cloud service is plausible, but the credential is not declared in the skill metadata and there is no explanation of what that key can access. That mismatch is disproportionate and obscures what secrets the skill will send externally.
Persistence & Privilege
The installer writes a symlink into ~/.openclaw/skills and appends a PATH export to the user's ~/.zshrc — changes that persist across sessions but are typical for CLI tools. always:false (no forced global inclusion). The main concern is the combination of persistent environment modification plus the installer performing a network 'install' ping; these amplify telemetry/egress risk but do not by themselves indicate privilege escalation.
What to consider before installing
Do not install or run this skill until the following are clarified and fixed:

1. The package must include the jobaudit executable or the scripts/jobaudit entry referenced in package.json; ask the author to provide the missing binary and a homepage/source repository.
2. The metadata should declare any required environment variables (e.g., SL_API_KEY) and explain what scope and endpoints that key will access.
3. Verify the Signalloom domain and privacy policy before providing any API key; treat SL_API_KEY as sensitive.
4. Inspect the jobaudit binary (or its source) to confirm it only reads OpenClaw job history and does not exfiltrate unrelated data.
5. If you run install.sh, review it line by line first (it will modify ~/.zshrc and send an install POST in the background).

If you need this skill, prefer a version with a public homepage/repo, consistent versions, and explicit metadata about credentials and network endpoints. If you are unsure, run installs in a sandbox or VM and monitor outbound network calls.


Tags: audit, cost, jobs, latest, openclaw

License

MIT-0
Free to use, modify, and redistribute. No attribution required.

Runtime requirements

Clawdis
Bins: jobaudit
