Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Seed
v0.1.2
Grow firmware on any hardware through HTTP — upload C, compile on device, apply with watchdog rollback
by @awis13
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (grow firmware via HTTP, compile on-device, watchdog rollback) align with the declared requirements (curl, gcc) and the SKILL.md API. Asking for no credentials and only requiring curl/gcc is coherent for this functionality.
Instruction Scope
The SKILL.md instructs the agent and user to download and run a seed binary and then supports uploading arbitrary C source, compiling it on-device, and providing handler helpers (file_read, file_write, cmd_out). Those helpers allow reading arbitrary files, writing files, and running shell commands on the target device — capabilities that go well beyond simply 'deploying firmware' and can be used to exfiltrate secrets or escalate access. The instructions also show how to fetch the seed source from a raw GitHub URL and run it, which means executing remotely fetched code unless the user audits it first.
Install Mechanism
This is instruction-only (no install spec). SKILL.md directs using curl to download seed.c from raw.githubusercontent.com and compiling locally; raw.githubusercontent.com is a known host (lower-than-arbitrary-URL risk) but 'curl-and-run' remains high-risk in practice. Nothing in the skill auto-installs software on the agent's host, but it does instruct users to run code they fetch.
Credentials
The skill itself declares no environment variables and only requires curl/gcc, which is proportional. However, the firmware API exposes file_read and cmd_out that can access arbitrary local files and run commands on the device — meaning sensitive environment data or credentials on a device running seed can be read or invoked by uploaded firmware. Those risks are real even though the skill doesn't ask for credentials explicitly.
Persistence & Privilege
always:false (good). The skill can be invoked autonomously (default), which is normal; if the agent is allowed to act without supervision, combined with the skill's ability to instruct deployment of a self-updating firmware, the blast radius increases. The skill does not request permanent system privileges itself, but the firmware it helps install can gain long-lived control of a device.
What to consider before installing
This skill implements a powerful mechanism: it lets you upload C code to a device, compile it there, and grant that code the ability to read files and run shell commands. Only install or run 'seed' on machines you fully control and isolate (do not run on multi-tenant systems or internet-exposed servers). Before running: review the seed.c source yourself (do not blindly curl | run), prefer cloning the GitHub repo and building locally, restrict network access and run the service inside a sandbox/container with minimal permissions, rotate and protect any tokens produced by seed, and monitor logs and file integrity. If you need to test, use a disposable VM or hardware you can wipe. If you are not comfortable auditing C code or the runtime behavior, do not deploy this skill or the seed software.
Like a lobster shell, security has layers — review code before you run it.
latest vk974a1q73c959wn21zcazrmb6x82qs67
Runtime requirements
🌱 Clawdis
OS: macOS · Linux
Bins: curl, gcc
