Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name, description, and SKILL.md align: it is a researcher assistant that outlines search, evaluation, synthesis, and monitoring workflows. However, the doc explicitly maps features to tools (e.g., exec/shell_exec, web_fetch, searxng, memory/store, schedule_create) even though the skill declares no required binaries, env vars, or install steps. That mismatch is not necessarily malicious but is a design inconsistency: the skill expects capabilities that are not enumerated in the metadata.
Instruction Scope
The SKILL.md instructs the agent to perform multi-source web search/fetching, use shell execution (exec), store entities in memory/JSON, and set up continuous monitoring/schedules. Those are broad runtime actions: shell execution can run arbitrary commands, web_fetch can access external sites, and scheduling/monitoring implies recurring activity. The instructions do not constrain or limit these actions (no explicit bans on private files, system paths, or where results are sent), giving the agent broad discretion.
Install Mechanism
This is a prompt-only skill with no install spec and no code files, which minimizes disk writes and direct install risk. No downloads, packages, or binaries are installed by the skill itself.
Credentials
The skill declares no required environment variables or credentials, which keeps its declared surface small. But the instructions assume access to external tools/APIs (web fetch/search, scheduling, memory store) that in practice may require credentials or tokens. The absence of declared env vars is a potential omission rather than proof of safety — enabling it may rely on other skills/tools that have their own secrets.
Persistence & Privilege
always:false (good). However, the skill describes continuous monitoring and schedule creation, which implies persistent/recurring activity if the agent and platform allow it. Autonomous invocation is permitted by default on the platform; combined with monitoring/scheduling this increases potential for ongoing network activity or repeated access to data. The skill does not request to modify other skills or system-wide config.
What to consider before installing
This skill is essentially a detailed set of instructions for how an agent should perform research. It's not installing anything, but it tells the agent to use tools that can fetch web data, run shell commands, store information, and set up ongoing monitoring. Before installing or enabling it: (1) Confirm which agent tools (exec, web_fetch, searxng, memory/store, scheduler) are available and what privileges they have; (2) If you don't want shell access or continuous network monitoring, disable or remove those tools or run the skill in a restricted context; (3) Test with non-sensitive queries to observe behavior and storage locations (where entities and SESSION-STATE.md would be written); (4) Be cautious about autonomous/recurring monitoring — limit frequency or require manual approval for scheduled tasks; (5) Because source/homepage is unknown, prefer not to grant it high trust or persistent privileges until you can verify the author or origin.
Like a lobster shell, security has layers — review code before you run it.
