ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Emacs Control

v0.1.0

Control Emacs. Search, edit, navigate, and pair programming with user

0· 48·0 current·0 all-time
byApril & May & June@calsys456
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The SKILL.md explicitly depends on a CLI named `emacsctl` and links to a GitHub repository for setup, yet the registry metadata lists no required binaries or install steps. A consumer would legitimately expect the skill to require the `emacsctl` binary (or to install it), so the metadata and instructions are inconsistent. The skill otherwise matches its stated purpose of controlling Emacs.
!
Instruction Scope
Runtime instructions instruct the agent to send arbitrary S-expressions to Emacs for read/eval, read full buffer contents (full-p), access the kill ring, grep buffers, read files into buffers, and perform insert/replace operations. Arbitrary eval in Emacs Lisp and the ability to read whole buffers or local files are powerful and can expose sensitive data. The SKILL.md does not constrain or require explicit user confirmation before potentially sensitive reads or evals (beyond a general warning).
Install Mechanism
There is no install spec (instruction-only), so nothing will be written to disk by the registry install process. However, the skill expects an external `emacsctl` binary to be present (and links to a third-party GitHub project) but does not declare this dependency in metadata.
Credentials
The skill requests no environment variables or credentials, which is proportionate. That said, via `emacsctl` it can read arbitrary Emacs buffers and local files (examples include reading ~/gpl-3.0.txt and 'full' buffer reads) — these are not declared as credentials but are sensitive data sources. The skill gives the agent broad read/write access to the user's Emacs environment without explicit metadata signaling that capability.
Persistence & Privilege
The skill is not marked always:true, does not request elevated registry privileges, and is user-invocable. It does not attempt to modify other skills or agent-wide settings according to the provided files.
What to consider before installing
This skill can evaluate arbitrary Emacs Lisp inside your Emacs and can read or modify buffers and files — powerful but risky. Before installing: (1) verify the upstream `emacsctl` project linked in the SKILL.md and confirm you trust that binary; (2) be aware the metadata does not declare `emacsctl` as a required binary or provide an install step (this mismatch is suspicious); (3) avoid running the skill when sensitive files or buffers are open, and require explicit user confirmation before any 'full buffer' read or file insertion; (4) consider running emacsctl in a restricted/sandboxed Emacs instance or test environment first; (5) request the author to update metadata to declare the dependency and to add explicit prompts/constraints in SKILL.md for potentially sensitive operations.

Like a lobster shell, security has layers — review code before you run it.

latestvk979kcqqgtqj8vj9d6zttmy07d83nsx6

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments