Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
OpenClaw Course Reference
v1.0.0
Comprehensive reference to install, configure, deploy, secure, optimize, and extend OpenClaw agents with local AI, VPS setup, and skill development guidance.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (OpenClaw course reference) matches the delivered assets: a SKILL.md, seven large reference markdown modules, and a local index.js searcher. The code and docs are consistent with a documentation/search skill.
Instruction Scope
The SKILL.md and referenced modules contain actionable install and runtime instructions that go beyond passive documentation: examples include piping remote install scripts (curl | bash / iwr | iex), running privileged Docker (--privileged and mounting /var/run/docker.sock), copying binaries into /usr/local/bin with sudo, and patterns for agents to read/write/edit arbitrary files and run elevated exec commands. Those are expected for a course teaching deployment, but they expand the skill's operational scope and could be dangerous if followed without review.
Install Mechanism
The skill itself has no install spec (instruction-only + local index.js), which is low risk. However, the course documentation recommends installing software by downloading remote install scripts (e.g., https://openclaw.ai/install.sh, https://ollama.com/install.sh) and pulling docker images; those example commands invoke third-party endpoints and would execute arbitrary code on the host if run directly.
Credentials
The skill declares no required env vars or credentials — appropriate for a reference. The docs, however, show many example env vars and API keys (OPENAI_API_KEY, ANTHROPIC_API_KEY, OPENCLAW_SANDBOX, OPENCLAW_DOCKER_SOCKET) as part of setup examples. Requesting or configuring those keys is expected for the documented integrations, but the skill does not require them itself. Confirm you only provide secrets to services you intend to use.
Persistence & Privilege
The skill is not always-enabled and does not request elevated privileges itself. The course encourages running long-lived daemons, installing gateway services, and configuring agents that perform scheduled tasks and file edits — all legitimate for deployment guidance but they entail sustained privileges on your host if you follow the instructions.
What to consider before installing
This package is primarily documentation and a local search utility, which is coherent with its declared purpose — but treat the content as prescriptive guidance, not safe-by-default code. Things to consider before acting:
- Provenance: the skill's source/homepage is unknown; prefer official docs from project homepages before running commands. Verify the origin of install scripts (openclaw.ai, ollama.com) independently.
- Do not run piped install commands (curl | bash or iwr | iex) without inspecting the script. Download and read remote install scripts first.
- Avoid running containers with --privileged or binding /var/run/docker.sock unless you understand the host-escape and privilege implications. These give the container near-root access to the host.
- Be cautious with examples that copy binaries into system paths (sudo cp /usr/local/bin) or require sudo/systemctl — they modify system state.
- The docs describe self-modifying agent patterns and programmatic file edits (read/write/edit/exec with elevated=true). Only enable such capabilities with strict approval policies and sandboxing; restrict exec host to sandbox and use allowlists.
- The skill does not ask for credentials, but the docs show many env vars and API keys. Only provide keys to processes/services you trust and run on isolated accounts when possible.
If you plan to use this skill as a reference: review files locally (no network execution), verify any remote URLs and scripts, and follow least-privilege practices when applying the documented installation or runtime steps.
Like a lobster shell, security has layers — review code before you run it.
