Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Garden Irrigation

v1.0.1

Prototype smart irrigation skill scaffold for greenhouse and outdoor zones using Tuya sensors and weather data.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name and description match the code: it reads soil sensors, fetches weather data, makes irrigation decisions and can request valve actuation. However, the declared metadata lists no required env/config and marks the skill 'instruction-only', yet the package contains runnable code and relies on an external 'tuya-cloud' skill and Tuya credentials (mentioned in the README). The skill should have declared those dependencies and required env vars; their absence is an incoherence.
Instruction Scope
Runtime scripts stay within the stated domain (read sensors via tuya-cloud, call Open-Meteo, write local JSONL reports, optionally call valve control). They also include helpers that emit OpenClaw tool-call markers to send notifications. They do not access unrelated system files or secrets directly, but they do invoke a controller script from another skill via subprocess, which delegates behaviour to code outside this package.
Install Mechanism
There is no install spec (instruction-only metadata) and no external download/install instructions in the manifest; the code is included directly, so the install-surface risk is low. Note, however, that the code executes an external script from the 'tuya-cloud' skill via subprocess, so you must ensure that the other skill's code is trustworthy.
Credentials
The metadata declares no required environment variables, but the README and code expect Tuya credentials (TUYA_ACCESS_ID, TUYA_ACCESS_SECRET, TUYA_API_ENDPOINT) via the tuya-cloud integration, and the code may rely on OPENCLAW_AGENT_ID at runtime to determine its environment context. The system config also contains bot_account_id/bot_target placeholders used to send messages. Failing to declare these required credentials and config values is a mismatch and increases risk if users assume no secrets are needed.
Persistence & Privilege
The skill does not request 'always: true' and does not modify other skills' configuration. It writes logs and reports into a configurable data directory (config.storage.base_dir), which by default points outside the skill directory ('../data'); this is normal for an app but worth noting. Autonomous invocation (disable-model-invocation=false) is the platform default and not by itself a red flag here.
What to consider before installing
This skill appears to implement a reasonable irrigation prototype, but the package metadata is inconsistent with what the code actually needs. Before installing or running it:

1) Ensure the dependent tuya-cloud skill is installed and inspect its tuya_controller.py: the TuyaClient calls that script via subprocess, so that other skill's code will execute on your machine.
2) Provide and protect Tuya credentials (TUYA_ACCESS_ID, TUYA_ACCESS_SECRET, TUYA_API_ENDPOINT) as instructed by tuya-cloud; the skill's metadata did not declare these required env vars.
3) Review and, if needed, change config/system.json reporting.bot_account_id and bot_target so the skill will not send notifications to unknown endpoints.
4) Be aware the skill writes data to disk (data/ or the configured base_dir, default ../data); confirm the path is acceptable.
5) Run it initially in a safe environment (no real valves attached, or with automation disabled / require_confirmation enabled) until you have verified its behaviour.

If you want a cleaner trust boundary, ask the author to update the skill metadata to list required env vars, required config paths, and the dependency on tuya-cloud explicitly.
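The three mismatches this report calls out (env vars read by the code but absent from the metadata, a subprocess call into another skill's directory, and notification targets left as placeholders in config/system.json) can be checked mechanically before installing. The script below is an added example, not ClawHub's scanner or the skill's own code. It assumes a hypothetical manifest shape (requires.env / requires.skills); the sample source, manifest and config are constructed to mirror the findings above and are not the real package.

```python
"""Pre-install coherence check for a ClawHub-style skill package.

Added example, not ClawHub's scanner or the skill's own code. The manifest
shape {"requires": {"env": [...], "skills": [...]}} is an assumption; the
real platform metadata format is not shown on the listing. Needs Python 3.9+.
"""
import ast
import re
from dataclasses import dataclass, field

PLACEHOLDER = re.compile(r"^<[^>]*>$|CHANGEME|TODO", re.IGNORECASE)
SUBPROCESS_FUNCS = {"run", "Popen", "call", "check_call", "check_output"}


@dataclass
class SubprocessCall:
    file: str
    line: int
    argv: list            # each element rendered with ast.unparse
    leaves_package: bool  # a literal path that is absolute or contains '..'


@dataclass
class Findings:
    declared_env: set = field(default_factory=set)
    used_env: set = field(default_factory=set)
    subprocess_calls: list = field(default_factory=list)
    placeholder_config: list = field(default_factory=list)

    @property
    def undeclared_env(self):
        return self.used_env - self.declared_env


def _is_os_attr(node, attr):
    return (isinstance(node, ast.Attribute) and node.attr == attr
            and isinstance(node.value, ast.Name) and node.value.id == "os")


def _const_str(node):
    return node.value if isinstance(node, ast.Constant) and isinstance(node.value, str) else None


def env_vars_in_source(src):
    """Names read via os.environ["X"], os.environ.get("X") or os.getenv("X")."""
    names = set()
    for node in ast.walk(ast.parse(src)):
        if isinstance(node, ast.Subscript) and _is_os_attr(node.value, "environ"):
            name = _const_str(node.slice)
        elif isinstance(node, ast.Call) and node.args and (
                _is_os_attr(node.func, "getenv")
                or (isinstance(node.func, ast.Attribute) and node.func.attr == "get"
                    and _is_os_attr(node.func.value, "environ"))):
            name = _const_str(node.args[0])
        else:
            continue
        if name:
            names.add(name)
    return names


def subprocess_calls_in_source(filename, src):
    """Every subprocess.* call with its argv; flags literal paths that leave the package."""
    calls = []
    for node in ast.walk(ast.parse(src)):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
                and node.func.attr in SUBPROCESS_FUNCS
                and isinstance(node.func.value, ast.Name) and node.func.value.id == "subprocess"):
            continue
        first = node.args[0] if node.args else None
        parts = first.elts if isinstance(first, ast.List) else ([first] if first else [])
        literal = [s for s in (_const_str(p) for p in parts) if s is not None]
        leaves = any(s.startswith(("/", "..")) or "/../" in s for s in literal)
        calls.append(SubprocessCall(filename, node.lineno, [ast.unparse(p) for p in parts], leaves))
    return calls


def placeholders_in_config(cfg, prefix=""):
    """Dotted keys whose string value still looks like an unfilled template placeholder."""
    hits = []
    for key, val in cfg.items():
        path = f"{prefix}{key}"
        if isinstance(val, dict):
            hits.extend(placeholders_in_config(val, path + "."))
        elif isinstance(val, str) and PLACEHOLDER.search(val):
            hits.append(path)
    return hits


def check_skill(manifest, sources, config):
    """sources maps filename -> Python source text of the skill's runtime scripts."""
    f = Findings(declared_env=set(manifest.get("requires", {}).get("env", [])))
    for filename, src in sources.items():
        f.used_env |= env_vars_in_source(src)
        f.subprocess_calls += subprocess_calls_in_source(filename, src)
    f.placeholder_config = placeholders_in_config(config)
    return f


def report(f):
    """Human-readable issues; an empty list means metadata, code and config agree."""
    issues = [f"env var read by code but not declared in metadata: {n}" for n in sorted(f.undeclared_env)]
    issues += [f"{c.file}:{c.line} runs subprocess {c.argv}"
               + (" (path leaves the package directory)" if c.leaves_package else "")
               for c in f.subprocess_calls]
    issues += [f"config placeholder still unset: {p}" for p in f.placeholder_config]
    return issues


# Constructed sample data modelled on the scan summary; not the real package contents.
SAMPLE_MANIFEST = {"name": "garden-irrigation", "version": "1.0.1",
                   "requires": {"env": [], "skills": []}}
SAMPLE_SOURCE = '''
import os, subprocess, sys

class TuyaClient:
    def __init__(self):
        self.access_id = os.environ["TUYA_ACCESS_ID"]
        self.secret = os.environ.get("TUYA_ACCESS_SECRET")
        self.endpoint = os.getenv("TUYA_API_ENDPOINT")
        self.agent = os.getenv("OPENCLAW_AGENT_ID")

    def read(self, device_id):
        return subprocess.run([sys.executable, "../tuya-cloud/tuya_controller.py", "read", device_id],
                              capture_output=True, text=True, check=True).stdout
'''
SAMPLE_CONFIG = {"reporting": {"bot_account_id": "<bot-account-id>", "bot_target": "<channel-or-user>"},
                 "storage": {"base_dir": "../data"}}

if __name__ == "__main__":
    for line in report(check_skill(SAMPLE_MANIFEST, {"irrigation.py": SAMPLE_SOURCE}, SAMPLE_CONFIG)):
        print(line)
```

Run it against the unpacked zip by reading the manifest, every .py file and config/system.json into the three arguments. The env-var detection is static and only catches literal names, so a variable name built at runtime will not be reported; treat an empty report as "no obvious mismatch", not as a clean bill of health.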


latestvk974t718mj0s3xc71bjcaav90d84q41b

