Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Codehooks Backend
v1.0.0
Deploy serverless backends for REST APIs, webhooks, data storage, scheduled jobs, queue workers, and autonomous workflows.
⭐ 0 · 650 · 0 current · 0 all-time
by Knut Martin Tornes (@canuto)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, high confidence
Purpose & Capability
Name/description align with the required CLI binary (coho) and an admin token for deploying and managing backends — those credentials and tools are expected for the stated purpose.
Instruction Scope
SKILL.md tells the agent to run `coho prompt`, `coho doctor`, `coho describe`, and `coho log -f`. `coho prompt` and `coho doctor` are explicitly described as returning the full development context, collections, deployment history, and recent error logs, all of which may include sensitive data. The instructions also tell you to give the admin token to the agent and to copy the full prompt output into the agent context, which greatly increases the chance of leaking secrets or database content.
Install Mechanism
This is an instruction-only skill with no install spec. No archives or external installers are pulled — the only dependency is the external `coho` CLI which must already be present. Low risk from install mechanism itself.
Credentials
The skill declares one required env var: CODEHOOKS_ADMIN_TOKEN — sensible for admin operations. However, example code references other env vars (e.g., STRIPE_WEBHOOK_SECRET) that are not listed in requires.env. More importantly, giving an agent the admin token grants full management access (deployments, DB queries, logs) which is high privilege; this is likely more access than many users realize or need.
Persistence & Privilege
`always: false` and default autonomous invocation are set (normal defaults). However, when combined with an admin token and instructions that let the agent deploy code and create webhook callbacks, autonomous operation increases the blast radius: the agent could deploy code that exfiltrates data or reaches out to external endpoints. This is a risk only when you actually provide the admin token and enable autonomous actions.
What to consider before installing
This skill is coherent with its stated purpose but is high-risk in practice. If you install it:
1) Do NOT hand your production CODEHOOKS_ADMIN_TOKEN to an agent unless you understand and accept full control of the backend. Prefer creating a scoped token with least privilege for specific tasks, or use a sandbox project.
2) Be cautious with `coho prompt` and `coho doctor`: they return full project context, DB collection counts, deploy history and logs; avoid copying secrets or sensitive data into agent context.
3) The examples reference other environment secrets (e.g., STRIPE_WEBHOOK_SECRET) that the skill does not declare; ensure you do not expose those unnecessarily.
4) Monitor deployments and logs, rotate tokens if you suspect exposure, and require human approval for any deploy step if possible.
5) If you need only read-only diagnostics or limited deploys, ask for a reduced-scope workflow or a less-privileged token before giving the agent access.
Like a lobster shell, security has layers — review code before you run it.
latest: vk972sx4ye2esdx29ztryt7205981e3tz
Runtime requirements
🪝 Clawdis
Bins: coho
Env: CODEHOOKS_ADMIN_TOKEN
