Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Pipeworx citybikes

v1.0.0

Real-time bike-sharing station data for 600+ networks worldwide — Citi Bike, Velib, Nextbike, and more

0 · 51 · 0 current · 0 all-time
by Bruce Gutman (@brucegutman)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign (View report →)
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to provide real-time bike-share data, and the example curl JSON-RPC call to gateway.pipeworx.io is consistent with that purpose. However, the setup suggested in SKILL.md uses 'npx mcp-remote@latest' (Node, npx and an npm package) while the declared required binaries list only 'curl'. The undeclared Node/npx requirement is a mismatch between what the metadata says the skill needs and what its instructions actually run.
Instruction Scope
Instructions are largely scoped to querying pipeworx.io (expected). They do not request local files or extra environment variables. However, the example uses a JSON-RPC 'tools/call' method against a remote gateway, so the agent will send method names and parameters of its own choosing to an external service. That is normal for a remote API, but it is worth noting: the remote endpoint decides what those parameters cause to run server-side, and the agent (or whoever is prompting it) decides what gets sent.
Install Mechanism
There is no formal install spec, but SKILL.md recommends 'npx -y mcp-remote@latest', which downloads code from the npm registry and executes it at run time. The skill metadata does not declare this runtime dependency. Because '@latest' is resolved on every run, the code that executes can change between invocations without any change to the skill itself. Downloading and executing remote packages via npx is higher risk and should be stated explicitly in the skill metadata or an install spec, ideally with a pinned version.
Credentials
The skill does not request any environment variables, credentials, or config paths. This is proportionate to its stated purpose of querying a public API.
Persistence & Privilege
The always flag is false and the skill does not request persistent system-wide changes. It does suggest configuring an mcpServer entry, but that is a local configuration suggestion, not an elevated privilege request.
What to consider before installing
This skill appears to do what it says (query bike-share data), but note two issues before installing:
(1) SKILL.md instructs using 'npx mcp-remote@latest', which downloads and runs code from npm, while the skill metadata lists only 'curl' as a required binary. If you allow the agent to follow that setup, it will fetch remote code at run time.
(2) The agent will send JSON-RPC requests to https://gateway.pipeworx.io. Make sure you trust that endpoint, because it receives whatever parameters the agent sends.
If you plan to install or enable this skill, ask the author to (a) explicitly list Node/npx as a dependency or provide an install spec, and (b) explain what 'mcp-remote' does and why runtime npm execution is necessary. If you cannot verify the upstream package, avoid running npx commands that pull the latest code automatically; pin a specific version you have reviewed instead.
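The two checks above (declared binaries versus what the instructions actually run, and whether a runtime-fetched package is pinned) are mechanical enough to automate. The script below is an added example, not ClawHub's scanner or the skill author's code. It assumes the declared binaries are available as a plain list and that SKILL.md presents commands as indented lines; the SKILL.md text, the '/mcp' path and the 'stations' tool name are constructed for the example to mirror the page's findings and are not taken from the real skill.

```python
"""Audit a skill's SKILL.md against its declared runtime requirements.

Findings reported:
  undeclared_bins   - first token of a command that is not a declared binary
  unpinned_packages - npx/pipx/uvx-style package specs without an exact version
  hosts             - every host the instructions contact
  rpc_methods       - JSON-RPC 'method' values found in request bodies
"""
import json
import re
import shlex

# Constructed to match the page's findings; not the real SKILL.md or metadata.
DECLARED_BINS = ["curl"]
SKILL_MD = """
Setup: add an mcpServer entry that runs
  npx -y mcp-remote@latest https://gateway.pipeworx.io/mcp
Or call the gateway directly (path and tool name are assumptions):
  curl -s https://gateway.pipeworx.io/mcp -H 'content-type: application/json' \\
    -d '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"stations"}}'
"""

# Launchers that fetch and execute code from a package registry at run time.
REMOTE_EXEC_TOOLS = {"npx", "pipx", "uvx", "bunx"}
# name@x.y.z or @scope/name@x.y.z; anything else (no version, a tag, a range) is unpinned.
PINNED = re.compile(r"^@?[^@\s]+@(\d+\.\d+\.\d+)$")


def extract_commands(text):
    """Tokenise indented lines (the markdown code convention) as shell commands,
    joining backslash-continued lines first so multi-line curl calls stay whole."""
    joined = re.sub(r"\\\n\s*", " ", text)
    cmds = []
    for raw in joined.splitlines():
        if not raw.startswith("  ") or not raw.strip():
            continue
        try:
            cmds.append(shlex.split(raw.strip()))
        except ValueError:  # unbalanced quotes: fall back to whitespace split
            cmds.append(raw.split())
    return cmds


def audit(skill_md, declared_bins):
    """Return sorted findings for the instructions in skill_md."""
    findings = {"undeclared_bins": set(), "unpinned_packages": set(),
                "hosts": set(), "rpc_methods": set()}
    for tokens in extract_commands(skill_md):
        binary = tokens[0]
        if binary not in declared_bins:
            findings["undeclared_bins"].add(binary)
        if binary in REMOTE_EXEC_TOOLS:
            # The first non-flag argument is the package spec (e.g. mcp-remote@latest).
            spec = next((t for t in tokens[1:] if not t.startswith("-")), None)
            if spec and not PINNED.match(spec):
                findings["unpinned_packages"].add(spec)
        for t in tokens:
            m = re.match(r"https?://([^/\s]+)", t)
            if m:
                findings["hosts"].add(m.group(1))
            if t.startswith("{"):
                try:
                    findings["rpc_methods"].add(json.loads(t).get("method", "?"))
                except ValueError:
                    pass
    return {k: sorted(v) for k, v in findings.items()}


def verdict(findings):
    """Mirror the page's rule: an undeclared binary or an unpinned remote-exec
    package makes the skill suspicious; hosts and methods are informational."""
    if findings["undeclared_bins"] or findings["unpinned_packages"]:
        return "suspicious"
    return "ok"


if __name__ == "__main__":
    result = audit(SKILL_MD, DECLARED_BINS)
    for key, values in result.items():
        print(f"{key}: {', '.join(values) or '-'}")
    print("verdict:", verdict(result))
```

Run against the constructed SKILL.md this reports npx as undeclared, mcp-remote@latest as unpinned, gateway.pipeworx.io as the only host contacted and tools/call as the RPC method, and returns "suspicious"; once npx is declared and the package is pinned to an exact version the same audit returns "ok". Pinning only fixes the "changes between runs" problem, so the pinned version still has to be reviewed before it is trusted.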

Like a lobster shell, security has layers — review code before you run it.

latest: vk971v1qw9d0qewq5e3gp9754mh84c42t

Runtime requirements

🚲 Clawdis
Bins: curl