Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Dev Serve
v1.0.0
Start and manage tmux-backed dev servers exposed through Caddy at wildcard subdomains.
⭐ 0 · 412 · 3 current · 3 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
Confidence: medium
Purpose & Capability
The name and description match the script's behavior: it starts tmux sessions, chooses ports, edits a Caddyfile, calls the Caddy admin API, and patches project config files (vite). However the registry metadata declares no required env vars or binaries while the script requires DEV_SERVE_DOMAIN and relies on tmux, jq, curl, sed/awk/grep/lsof, etc. The missing metadata declarations are an incoherence that reduces trust.
Instruction Scope
SKILL.md and the script instruct the agent/user to copy a script that will: modify your Caddyfile, POST the Caddyfile to the Caddy admin API, auto-patch project source files (vite config), create/kill tmux sessions, and write state to ~/.config/dev-serve/state.json. Those actions are functionally within the stated purpose but are intrusive (editing server proxy config and source files) and should be explicitly highlighted to users — the instructions do not require explicit confirmation/backup before editing.
Install Mechanism
There is no automated install spec (user is told to cp the script to ~/.local/bin). That keeps risk lower than downloading/executing remote archives. The presence of a local script file means behavior is visible to review before installation.
Credentials
The script requires DEV_SERVE_DOMAIN (and respects CADDY_ADMIN, CADDYFILE, DEV_SERVE_STATE_DIR, DEV_CMD), but the registry metadata lists no required environment variables or primary credential. The missing declaration of DEV_SERVE_DOMAIN and the lack of declared required binaries are a mismatch. The script does not request external credentials, which is proportional to its purpose.
Persistence & Privilege
The skill does not request always:true and does not demand elevated system privileges. It will, however, modify user files (Caddyfile and repo config files) and reload Caddy via the admin API at localhost:2019; that API should be protected. These behaviors are necessary for operation but increase blast radius if run on a shared or exposed host.
What to consider before installing
Before installing/running this skill:
1) Inspect the provided scripts/dev-serve.sh yourself — it will edit your ~/.config/caddy/Caddyfile and may patch source files in your repo (vite configs).
2) Set and verify DEV_SERVE_DOMAIN before running; the script will exit if this env var is not set (the registry metadata did not declare this requirement).
3) Back up your Caddyfile and any repo files you care about.
4) Ensure the Caddy admin API (http://localhost:2019) is only reachable locally and not exposed to untrusted networks — the script will POST your Caddyfile to that endpoint.
5) Confirm required binaries are present (tmux, jq, curl, lsof, sed, grep) and run the script on a machine where modifying reverse-proxy config and running arbitrary dev commands is acceptable.
6) Prefer obtaining this tool from a named, trusted source or repository (homepage/source is unknown); if the author or canonical repo is provided, re-evaluate after verifying that origin.
If the metadata were corrected to list required env vars/binaries and the script included safe-guards (confirmation prompts or dry-run mode), my confidence would increase.
Like a lobster shell, security has layers — review code before you run it.
