Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenNexum TS

v0.1.0

Contract-driven multi-agent orchestration with ACP. TypeScript CLI for spawning and tracking coding agents via OpenClaw sessions_spawn.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description match the repository contents: this is a pnpm monorepo implementing a 'nexum' CLI, prompt rendering, spawn/status helpers that call the OpenClaw CLI, and optional Telegram notifications. Declared requirements (node >=20, pnpm, openclaw) align with the code which invokes openclaw via execa and is built with pnpm/tsc. No unrelated cloud credentials or binaries are requested.
Instruction Scope
SKILL.md and README limit runtime actions to building the repo, running the nexum CLI to generate payloads, calling sessions_spawn via an orchestrator (OpenClaw), and optionally sending Telegram messages if TELEGRAM_BOT_TOKEN/CHAT_ID are set. This stays within the stated purpose. Minor note: Quick Start step 2 tells the user to 'Set env: TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID' although those variables are optional in the README — they are only used for notifications and skipping them preserves core functionality.
Install Mechanism
There is no remote install/spec executed by the platform (instruction-only SKILL.md). Source includes full code files for local build; building requires pnpm and tsc which are declared. No remote downloads or URL installs are present in the skill metadata.
Credentials
The skill declares no required environment credentials. It documents two optional Telegram variables used only for notifications. No unrelated secrets (cloud provider keys, SSH keys, etc.) are requested or required by the skill metadata or instructions.
Persistence & Privilege
always:false and normal autonomous invocation settings are used. The CLI will create and update repository-local files (nexum/active-tasks.json, nexum/config.json) and may append callback blocks to AGENTS/CLAUDE files during `nexum init` — that behavior is explicit in the README/CONTRACTs and is coherent with a project CLI, but users should be aware it will modify files inside the project directory.
Assessment
This repo appears to be what it claims: a local TypeScript CLI that builds with pnpm, calls the OpenClaw CLI (so ensure `openclaw` is installed and on PATH), and optionally posts Telegram messages if you supply TELEGRAM_BOT_TOKEN and TELEGRAM_CHAT_ID. Before using: (1) review the included source (packages/spawn uses execa to call `openclaw` — expected), (2) run builds/tests locally in an isolated workspace or container, (3) note that `nexum init` and CLI commands will create/modify files under the project (nexum/active-tasks.json, config files, and may append to CLAUDE.md/AGENTS.md), and (4) avoid running the CLI from sensitive production directories until you're comfortable with its file-write behavior. If you want extra assurance, run the CLI in a throwaway checkout and inspect generated payloads and the openclaw command arguments before pointing any real orchestrator at them.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
- packages/core/src/git.ts:66 - Shell command execution detected (child_process).
- packages/spawn/src/spawn.ts:21 - Dynamic code execution detected.
- packages/spawn/src/status.ts:19 - Dynamic code execution detected.
- packages/notify/src/telegram.ts:25 - Environment variable access combined with network send.



