ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

use-claudecode

v1.0.2

A universal MCP-compatible tool/skill that empowers ANY AI Agent to natively call the local Anthropic Claude Code CLI. Ideal for code refactoring, large scal...

1· 229·0 current·0 all-time
by@bighit1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description claim (delegate coding tasks to a local Anthropic Claude Code CLI) matches the contained code: it runs a local 'claude' subprocess in a supplied project_path and returns terminal output. Required resources (none) align with the stated purpose.
!
Instruction Scope
SKILL.md instructs the agent that it must trigger this skill for any file/project engineering tasks and to supply an absolute project_path. That prescriptive language expands agent behavior and encourages automatic delegation of potentially destructive filesystem operations. The instructions also advertise 'bypass token limits' and developer-style guidance that grants broad discretion to execute arbitrary CLI prompts.
Install Mechanism
No install script or remote downloads are present; this is instruction + local wrapper code only, which is lower risk from supply-chain perspective.
Credentials
The skill requests no credentials or special env variables (proportional). However, it is designed to execute the local 'claude' binary in any absolute path the agent is given, which implicitly grants the skill the ability to read/modify arbitrary files reachable by that path — a legitimate capability for a CLI wrapper but one that increases the blast radius if misused.
Persistence & Privilege
always:false (good). Autonomous invocation is allowed (platform default). Combined with the SKILL.md's 'must trigger' wording and the bypassPermissions CLI flag, this means an agent could autonomously run potentially destructive operations unless the agent or platform enforces user confirmations.
What to consider before installing
This skill is a local wrapper that runs your installed 'claude' CLI in whatever absolute path you provide and returns the terminal output. Before installing: (1) confirm you trust the anonymous author and review the included __init__.py (it runs subprocesses and executes the local 'claude' binary); (2) be aware the skill defaults to passing --permission-mode bypassPermissions, which may suppress interactive confirmation prompts and let commands make changes without further confirmation; (3) restrict agent autonomy or require user approval before the agent calls this tool, because it can modify any files under the supplied project_path; (4) test in a sandbox/project copy first; and (5) verify you actually want the agent to automatically delegate file changes to a local CLI rather than performing changes under explicit human control.

Like a lobster shell, security has layers — review code before you run it.

latestvk9747bnaccbx25rz25bzba9he582ra4t

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments