Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ToolRouter

v1.0.1

One gateway to 150+ tools for AI agents — competitor research, video production, web search, image generation, security scanning, and more. Requires a ToolRo...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
SKILL.md describes a gateway to 150+ tools and shows how to call those tools via an MCP bridge or direct HTTP; that aligns with the advertised purpose. However, the registry metadata shows no required environment variables while the SKILL.md explicitly requires a TOOLROUTER_API_KEY, an inconsistency in declared requirements/provenance (the registry lists no homepage/source, but SKILL.md references toolrouter.com and an npm package).
Instruction Scope (!)
The runtime instructions tell the agent to run 'npx -y toolrouter-mcp' (executing code pulled from npm at runtime) or to connect to a remote MCP endpoint at api.toolrouter.com. While these actions match providing an external tool gateway, executing an npm package on-demand expands the attack surface and may run arbitrary code in the agent environment. The SKILL.md otherwise does not ask the agent to read unrelated local files or other env vars.
Install Mechanism (!)
There is no formal install spec in the registry, but the instructions rely on npx to fetch and run 'toolrouter-mcp' from npm. npx/on-demand package execution is a moderate-risk install mechanism because it downloads and runs third-party code at runtime; the registry gives no verifiable provenance for the package publisher beyond a claim (Humanleap) and the skill's owner/source are unknown.
Credentials
The SKILL.md requires a single API key (TOOLROUTER_API_KEY), which is proportionate for a third-party gateway service. However, the registry metadata did not declare this required env var, a mismatch that reduces transparency. No other credentials or config paths are requested.
Persistence & Privilege
The skill does not request always:true, does not declare special OS or config path access, and is user-invocable only. It does not appear to request elevated persistence or to modify other skills' configurations.
What to consider before installing
Before installing:
- Confirm the vendor and package provenance: verify toolrouter.com and the 'toolrouter-mcp' npm package publisher, and inspect its code.
- Prefer using the remote HTTP MCP endpoint instead of running npx in sensitive environments.
- Avoid providing the API key in shared or high-privilege agents until you trust the provider.
- Review billing and acceptable-use terms (the skill advertises scraping and security tooling, which can be sensitive).
- If you must run the npm bridge, run it in an isolated/sandboxed environment.

The main red flags are the registry metadata's omission of the required API key and the skill instructing runtime execution of an npm package with no published source/owner verification.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fvx7zn5yvapr0930pex69xh83ydpj
