Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Farmos Tasks

v1.0.0

Query and manage farm work orders and tasks. View assignments, create tasks, update status. Uses integration endpoints (no auth) for reads and authenticated...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name and description match its documented API endpoints for reading and writing tasks. Requesting a JWT to call protected endpoints is reasonable for a task-management integration. However, the instructions require invoking a local helper script (~/clawd/scripts/farmos-auth.sh) and consulting a role mapping file (~/.clawdbot/farmos-users.json) — these local files are not declared in the registry metadata (no required config paths or credentials), which is an inconsistency.
Instruction Scope (flagged)
SKILL.md explicitly directs the agent to execute a script from the user's home directory to obtain a token and to check a local JSON file for role mapping. That means the agent will run local code and read local files outside the documented API surface. The instructions also hard-code an IP address as the API base (http://100.102.77.110:8007). The combination of executing an arbitrary home-directory script and reading a user config file increases risk and is broader than what the metadata declares.
Install Mechanism
This is an instruction-only skill with no install spec and no packaged code to write to disk, which minimizes installer risk. There is no download/install mechanism declared.
Credentials (flagged)
The skill declares no required environment variables or config paths, yet the runtime instructions rely on local artifacts (the auth helper script and the role JSON). That lack of declaration is a proportionality problem: the skill needs access to local credentials/state but doesn't transparently request or document them. Also, the auth helper may access secrets or credentials on disk — users should inspect that script before allowing execution.
Persistence & Privilege
The always flag is false (no permanent inclusion), and the skill is user-invocable with normal autonomous invocation enabled. Autonomous invocation combined with instructions to execute a home-directory script could allow the agent to run that script without explicit, per-run human oversight; this amplifies risk but is not inherently malicious. There is no evidence the skill requests to modify other skills or system-wide settings.
What to consider before installing
Do not run this skill until you verify the local artifacts and endpoints it references. Specifically:
(1) Inspect ~/clawd/scripts/farmos-auth.sh to see what it does and whether it accesses or transmits secrets.
(2) Inspect ~/.clawdbot/farmos-users.json to confirm it only contains role mappings and no sensitive tokens.
(3) Confirm the API host (http://100.102.77.110:8007) is a legitimate internal FarmOS server you trust.
(4) Ask the skill author to declare the required config paths and to provide a secure, documented auth flow (for example an explicit environment variable or token rather than execution of an unvetted script).
If you cannot verify the script and files, either do not grant the agent permission to execute them, or run the skill only in a restricted/sandboxed environment where local scripts and sensitive files are inaccessible.



