Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenClaw JSON Editing Masterclass

v1.0.0

Advanced editing of OpenClaw JSON5 configs with schema validation, merge patching, env var substitution, and type-safe modifications using jq.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The skill claims advanced JSON5 editing and 'type-safe modifications using jq', but the SKILL.md is almost entirely TypeScript code examples (JSON5, Zod, fs) and contains no concrete jq commands or examples. Requiring the jq binary in metadata is disproportionate given the instruction content; either jq is unnecessary or the documentation is incomplete. Also the skill references OpenClaw-specific CLI commands (openclaw config validate/patch/path) without declaring them as required binaries or explaining how the agent will invoke them.
! Instruction Scope
SKILL.md includes explicit file paths (e.g. ~/.openclaw/config.json, ~/.openclaw/agents/<id>/config.json, sessions/state dir) and code showing reading/writing those files and collecting environment variable references (OPENAI_API_KEY, ANTHROPIC_API_KEY). These are concrete instructions that imply the agent should read user config files and environment variables and write back to disk. The skill metadata does not declare or explain this access, so the runtime instruction set has broader scope than the declared surface.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing new will be written to disk at install time. That lowers install-time risk.
! Credentials
The SKILL.md explicitly discusses substituting values like ${OPENAI_API_KEY} and ${ANTHROPIC_API_KEY:-fallback-key} and includes code to collect env-var paths. However the registry metadata declares no required environment variables or credentials. That mismatch is concerning because the skill's legitimate function (editing configs that embed API keys) requires reading environment variables and potentially handling secrets, yet no environment access is declared or scoped.
Persistence & Privilege
always:false (normal) and the skill does not request system-wide privileges, but its instructions include code to write config files under ~/.openclaw and modify agent config files. Writing user configuration is a legitimate capability for a config-editing skill, but it means the agent will modify persistent data on the host if invoked — the user should expect file writes to their OpenClaw state directory.
What to consider before installing
This skill appears intended to edit OpenClaw configuration files and handle env-var substitution, but its metadata and documentation don't line up. Before installing:
1) Ask the publisher why jq is required and request concrete examples showing how jq is used (or remove jq if unused).
2) Confirm whether the agent will read files under ~/.openclaw and environment variables (including API keys) at runtime — those are sensitive.
3) If you plan to use it, run the skill in a sandbox or with limited test configs first, and back up ~/.openclaw.
4) Prefer an updated SKILL.md that lists required binaries/CLI tools, enumerates any environment variables it will read, and provides explicit commands the agent will run so you can verify there is no unexpected exfiltration of secrets.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

📝 Clawdis
Bins: jq
