ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

CloakClaw

v0.1.3

Automatic privacy proxy for AI conversations. Redacts sensitive data (names, companies, financials, SSNs, emails, phones, addresses, API keys, IPs, passwords...

0· 68·0 current·0 all-time
by@canonflip-git
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description align with the included wrappers: the skill wraps a 'cloakclaw' CLI to cloak/decloak sensitive entities. Requiring a cloak engine is reasonable for this purpose.
Instruction Scope
SKILL.md and the two scripts are narrowly scoped: they write temporary files for raw-text inputs, call the external 'cloakclaw' CLI, then delete temps. The README references a config at ~/.cloakclaw/config.yaml and optional local Ollama/poppler, which is expected. However SKILL.md's 'Always-on by default' statement contradicts the registry 'always: false' flag — minor inconsistency. The instructions do not themselves read unrelated system files or env vars.
!
Install Mechanism
There is no install spec in the registry; the skill requires the user to run 'npm install -g cloakclaw' to obtain the actual cloaking binary. Installing an unknown global npm package is moderate-to-high risk because that package (not included here) could perform network exfiltration, telemetry, or other unexpected actions. The wrappers do not mitigate that risk.
Credentials
The bundle itself requests no environment variables or credentials. It references a user config path (~/.cloakclaw/config.yaml) which is reasonable for local settings. No unrelated credentials are requested by the included files or SKILL.md.
Persistence & Privilege
Metadata shows always: false and no elevated privileges. The skill does not request to modify other skills or system-wide settings. It runs the external CLI on demand.
What to consider before installing
The two included scripts are simple wrappers that call an external 'cloakclaw' CLI; they do not themselves network out. The real risk is the third-party npm package you must install globally: audit the 'cloakclaw' npm package and its source repository before installing (check maintainers, version, license, and recent changes). Prefer installing locally or in an isolated environment (container/VM) rather than globally. Inspect ~/.cloakclaw/config.yaml after installation to ensure it doesn't point to unexpected endpoints, and verify the package's telemetry/privacy claims. Test the tool on non-sensitive text first. If you cannot review the npm package source or prefer not to risk installing a global CLI, consider rejecting or requesting the skill vendor publish the code or supply a vetted binary.
scripts/cloak.js:46
Shell command execution detected (child_process).
scripts/decloak.js:40
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk9782taj643b3t4by7vd58k0rh83f183

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments