Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Acpx

v1.0.0

Use acpx as a headless ACP CLI for agent-to-agent communication, including prompt/exec/sessions workflows, session scoping, queueing, permissions, and output...

by 深山大柠檬 @beelkic
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
The name/description describe a headless ACP CLI and the SKILL.md only documents how to install and use such a CLI. The recommended npm install and the use of npx-resolved agent adapters align with the stated purpose.
Instruction Scope
The instructions describe reading prompt text from stdin/files, using cwd-scoped sessions, merging global+project config, and showing session history. These behaviors are expected for a session/CLI tool, but they imply the CLI will read repository files and local config (which may contain secrets). The SKILL.md does not instruct the agent to access unrelated system paths or credentials itself.
Install Mechanism
The skill is instruction-only (no bundled install), and it recommends installing 'acpx' from npm (npm i -g acpx) and uses npx for several adapter agents. This is a normal installation route but carries the usual npm risk: installing or npx-running third-party packages executes upstream code you should vet.
Credentials
The skill declares no required env vars or credentials. It does mention an ACP 'authenticate' handshake and config-sourced credentials as part of normal operation; those are not requested by the skill itself but may be required by the installed CLI or adapter agents at runtime.
Persistence & Privilege
The skill is not always-enabled and is user-invocable; it does not request persistent platform privileges. Note: the CLI supports an '--approve-all' flag which would suppress interactive permission prompts if the user passes it — a user-level convenience that should be used cautiously.
Assessment
This SKILL.md is coherent: it documents how to use a headless ACP CLI and how to invoke external agent adapters. Before installing or running anything it recommends, do the following: (1) Inspect the 'acpx' package on the npm registry (and its repository/source) to ensure you trust the maintainer; (2) be cautious about running npx commands (they fetch and execute packages on demand); (3) avoid using global '--approve-all' unless you understand what permissions and data the agent will access; (4) assume the CLI will read repo files and local config when using cwd-scoped sessions, and do not run it in directories containing secrets you do not want exposed; (5) if possible, test in an isolated environment (container/VM) before installing globally. If you want a more definitive safety assessment, provide the upstream package source (npm/GitHub repo or tarball) so its code and install scripts can be reviewed.
