Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Pipeworx numbersapi
v1.0.0
NumbersAPI MCP — wraps numbersapi.com (free, no auth)
by Bruce Gutman @b-gutman
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to wrap numbersapi.com, which is consistent with the listed tools (number_fact, date_fact, math_fact, random_fact). However, the SKILL.md instructs the agent to run `npx mcp-remote@latest https://gateway.pipeworx.io/numbersapi/mcp` while the registry metadata lists no required binaries or install steps. Declaring no required binaries is inconsistent with an instruction that requires `npx`/Node.
Instruction Scope
The runtime instructions will cause the agent to download and execute a remote npm package (mcp-remote@latest) and connect to an external MCP gateway (gateway.pipeworx.io). That can result in arbitrary code execution and network traffic to an endpoint outside the described API (numbersapi.com). The SKILL.md does not describe what data will be sent to the gateway or whether the remote code is sandboxed.
Install Mechanism
There is no formal install spec, but the connect block relies on `npx` to fetch `mcp-remote@latest` from the public npm registry at runtime. Using `@latest` means arbitrary new code can be executed later; runtime download/exec from an external registry is a higher-risk install mechanism and is not made explicit in the metadata.
Credentials
The skill declares no environment variables, credentials, or config paths, and its stated purpose does not require secrets. The lack of declared credentials is proportionate, but the SKILL.md still initiates a network connection to an external gateway which could receive context or data.
Persistence & Privilege
always is false and autonomous invocation is allowed (the platform default). The skill does not request permanent presence or system-wide configuration changes. No additional persistence or elevated privileges are declared.
What to consider before installing
This skill instructs the agent to run `npx mcp-remote@latest` and connect to https://gateway.pipeworx.io — meaning it will download and execute code from the npm registry and communicate with an external service. Before installing, consider:
1) Require the publisher to pin a specific mcp-remote version (avoid @latest) and provide the package source or a checksum so you can audit it.
2) Ask for the `npx`/Node prerequisite to be declared.
3) Verify what data the gateway receives and whether traffic is encrypted and logged.
4) If you cannot audit the remote package or trust the gateway, run the skill only in a tightly sandboxed environment or decline installation.
Like a lobster shell, security has layers — review code before you run it.
