Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Devtools Secrets
v1.0.0
Knowledge and guardrails for the mise + fnox + infisical secrets toolchain. Use when the user asks to "configure secrets", "set up fnox", "infisical", "mise...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
The name/description (secrets toolchain guidance) matches the instructions: the skill checks for mise/fnox/infisical, inspects project and global config files, and documents provider/env patterns. Nothing requested is outside what a secrets-configuration helper would reasonably need.
Instruction Scope
Instructions include shell checks and file reads (e.g., cat .infisical.json, head ~/.config/mise/config.toml, test for fnox.toml) and running CLI commands (e.g., infisical user get). These are coherent with diagnosing/configuring the toolchain, but they do cause the agent to read local and global config files, which can contain metadata and possibly sensitive values (or tokens if present). The SKILL.md also references repo-level hooks (.claude/settings.json); this is explanatory, not an inscrutable remote endpoint.
Install Mechanism
Instruction-only skill with no install spec and no code files. No downloads or archive extraction are present, so there is no install-time risk in the skill itself.
Credentials
The skill declares no required environment variables or credentials. It does reference many env var names and CI usage patterns (INFISICAL_TOKEN, FNOX_AGE_KEY, etc.) as part of normal guidance. Because it may prompt or instruct use of these tokens for CI/testing, users should be mindful before providing sensitive credentials to any agent execution.
Persistence & Privilege
always is false, no install or self-modifying behavior, and the skill does not request persistent presence or attempt to change other skills or global agent configuration. The one caution is that the agent can invoke the skill autonomously (platform default), which is normal and expected.
Assessment
This skill is a documentation/runbook for mise+fnox+infisical and appears internally consistent. Before letting an agent run these instructions: (1) be aware it will read local and global config files (~/..., project files) and run CLIs that may expose metadata or secrets if present; (2) do not paste service tokens or secrets into an agent prompt unless you trust the execution environment; (3) if you prefer, run the listed diagnostic commands yourself (command -v, cat, head, infisical user get) so you control what is printed; (4) consider restricting autonomous invocation or reviewing any commands the agent proposes to execute. If you want a narrower audit, provide a transcript of the exact commands the agent would run and I can point out which outputs may contain sensitive data.
Like a lobster shell, security has layers — review code before you run it.
latest vk97b26f770ed6tzg4sbke6f45s81grhc
