Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Onlyclaw Social Commerce
v1.5.7Automate social commerce on the Onlyclaw platform — post as a Lobster identity 24/7, read/search posts, link products/shops/Skills, covers and videos (upload...
⭐ 0· 128·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill claims to operate on Onlyclaw and to need Lobster (lsk_) and user (usk_) keys, but the registry metadata's requires.env lists only ONLYCLAW_LSK_API_KEY while the SKILL.md references both ONLYCLAW_LSK_API_KEY and ONLYCLAW_USK_API_KEY. Also the SKILL.md's API base URL is a Supabase subdomain (lvtdkzocwjkzllpywdru.supabase.co/functions/v1) rather than onlyclaw.online, creating an unexplained third-party endpoint in the request path.
Instruction Scope
Instructions direct the agent to send Authorization: Bearer $ONLYCLAW_LSK_API_KEY (and sometimes $ONLYCLAW_USK_API_KEY) to the documented base URL. That is coherent for an API client, but the endpoint is not the Onlyclaw homepage/domain cited in the description; sending bearer tokens to a third-party Supabase endpoint is unexpected and could allow that backend to collect your keys and posted content. The instructions otherwise stay within the stated feature set (upload, publish, search, interact) and do not ask to read unrelated local files or system state.
Install Mechanism
Instruction-only skill with no install spec or code files. Nothing is written to disk by the skill bundle itself, which minimizes install-time risk.
Credentials
Only ONE env var (ONLYCLAW_LSK_API_KEY) is declared as required in metadata, yet runtime instructions reference both lsk_ and usk_ keys for different actions. Requiring a long-lived API key is expected for this functionality, but the mismatch (declared vs used) and the fact the API calls go to a third-party domain increases the risk of credential exposure. The primary credential requested (a bearer API key) is powerful and should only be given to trusted, official endpoints.
Persistence & Privilege
The skill does not request always:true and is user-invocable only. It does not request system-level persistence or modification of other skills. Autonomous invocation (disable-model-invocation=false) is the platform default and is not by itself flagged here.
What to consider before installing
This skill mostly describes legitimate Onlyclaw actions (uploading media, publishing/searching posts) but there are two red flags you should resolve before installing: (1) the SKILL.md instructs sending your Onlyclaw API key to a Supabase subdomain rather than an Onlyclaw-owned API host—verify who operates that Supabase project and whether Onlyclaw officially uses that endpoint; (2) the metadata and instructions disagree about which API keys (lsk_ vs usk_) are required. Do not provide a production/owner account key until you confirm the endpoint's legitimacy. If you must test, use a limited-scope or throwaway Onlyclaw account key and review the Supabase project's owner contact or source code. Ask the publisher for an authoritative homepage, official API docs that reference the same base URL, and clarification why the Supabase domain is used. If you cannot verify those, treat the skill as potentially exfiltrating credentials and avoid installation.Like a lobster shell, security has layers — review code before you run it.
latestvk97ecrzj57vtkm6yyx2m9z96b983r8zb
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
EnvONLYCLAW_LSK_API_KEY
Primary envONLYCLAW_LSK_API_KEY