Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Farmos Observations

v1.0.0

Query and create field observations and AI-processed captures. Photos, voice notes, and text notes from the field.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name, description, and the documented endpoints (list, detail, create) line up with an observations skill. The use of an internal FarmOS API (private IP) is consistent with an on-prem farm system. However, the SKILL.md instructs the agent to obtain a JWT by running a local script at ~/clawd/scripts/farmos-auth.sh; that file/path is not declared in the skill metadata (required config paths/env), creating a mismatch between claimed requirements and actual runtime needs.
Instruction Scope
The instructions explicitly tell the agent how to call the internal APIs and upload images (appropriate for the purpose), but they also instruct it to execute a local shell script to acquire a token, and to use recent context and the user's location to infer fields. The script path (~/clawd/scripts/farmos-auth.sh) is an undeclared local file — asking the agent to execute a local script expands the skill's scope to the user's filesystem and potentially to arbitrary code execution. The skill also expects the agent to accept images and voice notes and forward them to the backend; this is expected for its purpose but has privacy implications.
Install Mechanism
No install spec is present (instruction-only), so nothing is written to disk by the skill itself. This is the lowest install risk.
Credentials
The skill declares no required environment variables or credentials, yet the documented authentication flow requires a JWT obtained by executing a local script. That means the skill will implicitly rely on local credentials or scripts that are not declared in metadata. This mismatch (no declared credentials but a required token retrieval mechanism) is disproportionate and should be clarified. The backend uses a private IP, limiting exposure to the local network, which is appropriate if this is internal software.
Persistence & Privilege
The skill does not request persistent or always-on privileges (always:false) and does not declare any behavior that modifies other skills or global agent configuration.
What to consider before installing
This skill appears to be an internal FarmOS integration, but proceed carefully:
1) Confirm you trust the skill source — there is no homepage or publisher identity.
2) The runtime instructions tell the agent to run a local script at ~/clawd/scripts/farmos-auth.sh to obtain a JWT; verify that the script exists and inspect its contents before allowing the agent to execute it (it could run arbitrary commands).
3) Confirm that the API base (http://100.102.77.110:8008) is the expected internal FarmOS host and that you are comfortable having images and voice notes uploaded there.
4) If you do not want the agent to execute local scripts, request a different auth method (e.g., a short-lived token provided through a secrets store or an explicitly declared environment variable).
5) If you need higher assurance, ask the publisher for a repository or homepage and for the exact auth flow (what farmos-auth.sh does) before installing.
If you cannot validate these, treat the skill as potentially dangerous and avoid granting it filesystem or execution privileges.
