Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Setup claw.tech
v1.0.3
Use when setting up a new claw agent with tapes.dev telemetry and clawtel leaderboard reporting. Installs tapes, clawtel, and the openclaw-in-a-box orchestra...
by @bdougie
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description claim to install tapes, clawtel, and an 'openclaw-in-a-box' skill; the SKILL.md indeed downloads/installs those components. However the SKILL.md metadata includes an install URL for tapes (https://download.tapes.dev/install) even though the registry summary listed no install spec — a mild inconsistency. Asking the user to register at claw.tech for CLAW_ID and CLAW_INGEST_KEY is coherent with a telemetry/leaderboard setup, but those env vars are not declared in the skill's top-level requirements, which is a mismatch.
Instruction Scope
Runtime instructions tell the agent/user to run a remote shell installer (curl -fsSL https://download.tapes.dev/install | bash), download and extract a binary and move it to /usr/local/bin, clone or fetch SKILL.md from raw.githubusercontent.com, and set CLAW_ID/CLAW_INGEST_KEY environment variables. Those actions are within the stated setup scope, but they grant the remote installers high discretion (they run arbitrary shell code) and require writing system-wide binaries/config. The skill claims clawtel only reads token-count columns, but that is an unverifiable claim in this instruction-only asset.
Install Mechanism
The installer uses a curl | bash pattern against https://download.tapes.dev/install (a domain that is not an obvious widely-audited release host). Curl|bash is high-risk because it executes remote shell content without requiring the user to inspect it. The clawtel binary comes from GitHub releases (expected), and fetching raw SKILL.md from raw.githubusercontent.com is normal, but the initial shell installer URL should be audited before use.
Credentials
The registry lists no required env vars, but the instructions require the user to set CLAW_ID and CLAW_INGEST_KEY (sensitive ingest key). Requiring those keys is logical for reporting telemetry, but the skill should declare them. The instructions assert that no key = no network calls for clawtel, and that clawtel only reads limited DB columns; those security claims are unverifiable from the SKILL.md alone.
Persistence & Privilege
always:false and autonomous invocation are normal. The install steps move a binary to /usr/local/bin (system-wide path) and write a skills/ directory, which require elevated privileges or user consent — reasonable for a CLI install but worth noting. The skill does not request permanent 'always' presence or attempt to modify other skills' configs in this SKILL.md.
What to consider before installing
Before installing, review and verify the remote installer and binaries:
1) Do not run curl | bash without inspecting the script—download https://download.tapes.dev/install in your browser or via curl -fsSL to a local file and read it first.
2) Confirm download.tapes.dev is trusted for your environment; prefer official release archives signed or hosted on well-known repos if available.
3) The setup moves a binary into /usr/local/bin (requires sudo); consider installing into a user-local bin or verifying the binary's checksum.
4) CLAW_INGEST_KEY is a secret shown once—store it securely (env var or system keychain), and be aware reporting/telemetry will send aggregated counts to claw.tech per the instructions.
5) Fetch and inspect the openclaw-in-a-box SKILL.md before handing off orchestration.
6) If you aren't comfortable with remote installers or system-wide changes, run this in an isolated VM or container first.
Finally, ask the skill author (or documentation) for: a reproducible audit of what the tapes installer does, a checksum/signature for the clawtel binary, and a declaration of required env vars in the registry metadata to resolve the inconsistency.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
🦞 Clawdis
Bins: curl
