ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Multi-Skill Automation Suite

v1.0.0

Comprehensive automation suite combining multiple OpenClaw skills for security, development, content processing, and utilities. Includes healthcheck, git ess...

1· 329·0 current·0 all-time
by@bestrocky
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The suite claims host hardening, firewall/SSH management and system monitoring (operations that normally require elevated privileges and explicit configuration), plus automatic discovery/installation of other skills and headless-browser automation. Yet the manifest requests only git and curl and lists no config paths, no install steps, and no privilege requirements. That mismatch is inconsistent: either the skill cannot actually perform those tasks as described, or it omits required capabilities/permissions.
!
Instruction Scope
SKILL.md is high-level and provides no concrete runtime commands or file paths. It asserts automatic updates and 'find and install new agent skills automatically' but gives no mechanism or safeguards — this vagueness grants broad implicit discretion. Additionally, it advertises 'AI Text Humanization' to 'bypass detection systems', which is an explicit instruction to produce evasive outputs and raises ethical/misuse concerns.
Install Mechanism
This is instruction-only with no install spec or code files, so nothing will be written to disk by the skill bundle itself. That lowers direct supply-chain risk. However, the README/usage references 'clawhub install' and automatic updates; the actual installer and its source are not provided here and would need review.
Credentials
No environment variables, credentials, or config paths are requested despite capabilities that normally require them (system/root access, cloud credentials for monitoring, browser binaries). The absence of declared secrets is proportional on paper but implausible given the claimed features; lack of declared credentials makes the capability claims suspect or under-specified.
Persistence & Privilege
always:false (normal). The skill claims it will auto-install and auto-update other skills, which implies the ability to modify agent configuration or perform network installs; those privileges are not made explicit. Default autonomous invocation is allowed (disable-model-invocation:false) — combine that with the suite's claim to auto-manage skills and you have a higher blast radius if the implementation were malicious or buggy.
What to consider before installing
Do not install this suite yet. Ask the maintainer for: (1) source code or install scripts for 'clawhub install' and the auto-update/auto-install functions, (2) exact runtime commands the skill will run for host hardening and whether they require sudo/root, (3) which binaries (headless browser, monitoring agents) it will install and from what URLs/releases, (4) evidence the suite won't modify other skills or agent configs without explicit consent, and (5) clarification and justification for the 'AI Text Humanization / bypass detection' feature (it may be misuse). If you must test, run it in a fully isolated sandbox or VM, review the actual installer and update mechanism, and prefer a signed, well-documented release with a verifiable homepage and maintainer contact.

Like a lobster shell, security has layers — review code before you run it.

latestvk975avsnrfqx4hg3vr5xc3df118218e7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsgit, curl

Comments