Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
rem
v1.0.0Manages macOS Reminders from the terminal using the rem CLI. Creates, lists, updates, completes, deletes, searches, and exports reminders and lists. Supports...
⭐ 0· 304·0 current·0 all-time
bySiddhartha Varma@bro3886
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill's name and description (manage macOS Reminders) align with the instructions: it targets macOS, EventKit/osascript, offers reminder CRUD, search, import/export, and shows how to use the rem CLI or its Go API. No unrelated APIs, binaries, or credentials are requested.
Instruction Scope
The SKILL.md instructs running a network installer (curl -fsSL https://rem.sidv.dev/install | bash) and provides commands to install the skill into multiple agent-specific directories (e.g. ~/.openclaw/skills/rem-cli/). Those installer-and-agent-install steps go beyond simple local CLI usage: they instruct fetching and executing remote code and modifying agent runtime directories, which could change agent behavior or persist code into agent sandboxes.
Install Mechanism
There is no formal install spec in the manifest; the README recommends piping a script from rem.sidv.dev into bash (high-risk). An alternative 'go install github.com/BRO3886/rem/...' is listed (lower risk), but the primary recommended curl|bash installation from an unvetted domain is an unsafe pattern unless you inspect the script. No cryptographic signatures or well-known release-hosting (e.g., verified GitHub releases) are referenced for the curl installer.
Credentials
The skill declares no required environment variables or credentials. The docs mention optional env flags like REM_NO_UPDATE_CHECK and NO_COLOR, which are reasonable. There are no requests for unrelated secrets or system credentials.
Persistence & Privilege
The docs explicitly provide commands to install/uninstall the rem skill into multiple AI agent directories (Claude, Codex, OpenClaw). Installing into these locations would give the skill a persistent presence in agent runtimes and allow the agent to run the installed code later. While 'always' is false, combining a remote installer with instructions to write into agent skill folders raises the potential for persistent or broadly scoped changes to agent behavior.
What to consider before installing
Do not run the curl | bash installer blindly. Before installing, do one of the following: (1) Inspect the installer script at https://rem.sidv.dev/install in a browser (or curl it to stdout) to see exactly what it does; (2) Prefer building from source via the listed GitHub module (go install github.com/BRO3886/rem/...) and verify the repository, recent commits, and release tags; (3) If you must run the remote installer, run it in a sandbox/VM and review its network activity and files written; (4) Avoid using the 'rem skills install' commands that write into agent skill directories unless you have inspected the code that will be installed — installing into agent directories grants the skill persistent execution inside those agents; (5) Check for signed releases or release artifacts on an authoritative repository and verify the maintainer identity. If you want, provide the contents of the install script or the GitHub repo URL for a follow-up review.Like a lobster shell, security has layers — review code before you run it.
latestvk9750dkdbm21dkfwdxbtd6xptd8206xg
License
MIT-0
Free to use, modify, and redistribute. No attribution required.