Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Claude Code Mastery
v1.4.3Master Claude Code for coding tasks. Includes setup scripts, dev team subagents (starter pack or full team), self-improving learning system, diagnostics, and troubleshooting.
⭐ 1· 2.1k·5 current·7 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (setup and mastery of Claude Code with subagents, diagnostics, and self-improvement) aligns with the provided scripts and agent files. However the registry metadata claims 'instruction-only' / no install spec and lists no required env vars while the SKILL.md and scripts clearly perform installation, authentication, and optional downloads (e.g., claude-mem). That mismatch between declared requirements and the actual files/instructions is unexpected and should be treated as a red flag to inspect before running.
Instruction Scope
SKILL.md instructs the agent/user to run a sequence of local scripts that: install a CLI, run an authentication flow (browser or API key), install subagents, optionally install a community 'claude-mem' repo, set up persistent memory, and add a heartbeat/cron job for weekly self-improvement. These actions go beyond simple in-place guidance: they will clone/fetch code, modify user config (~/.claude, .claude/settings.json, HEARTBEAT.md), and create scheduled tasks. The instructions also include patterns that enable broad Bash permissions (settings.json snippet). The SKILL.md contains pre-scan prompt-injection signal (unicode-control-chars) which suggests the file may include obfuscation or attempts to manipulate automated review — this increases risk.
Install Mechanism
No formal install spec is declared in the registry (instruction-only), yet the bundle contains install scripts that likely fetch and run external code. config.sh references a community GitHub repo (https://github.com/thedotmack/claude-mem.git) and a pinned commit. Downloading and running third-party code from non-official/community repos is moderate-to-high risk unless audited. The install flow is executed via included shell scripts (extract/run), which will write to disk and may execute downloaded components — this is more risky than a pure instruction-only skill.
Credentials
The registry metadata declares no required env vars or primary credential, but SKILL.md and scripts include an authentication step (03-first-time-auth.sh) that supports browser or API key flows and a persistent memory option with a DB file. That means the setup will prompt for or require credentials (API keys) at runtime even though none are declared up-front. The settings.json snippet shown grants broad 'Bash(...)' permissions patterns which could be broader than necessary. In short: requested credentials and persistent state are not being surfaced in the metadata — mismatch and a proportionality concern.
Persistence & Privilege
The skill is not marked always:true (good), but it explicitly installs a weekly cron task (07-weekly-improvement-cron.sh) and a persistent memory component (claude-mem) that will keep state on disk and can update skill files ('self-improvement'). Self-modifying and scheduled tasks create persistence and a long-lived execution surface; this is not necessarily malicious but should be audited. There is no evidence the skill requests system-wide privileges or modifies other skills' configs, which is good.
Scan Findings in Context
[unicode-control-chars] unexpected: Prompt-injection indicators were found in SKILL.md. This is not expected for an honest setup guide and can indicate obfuscation or attempts to manipulate automated reviewers or runtime behavior. Inspect the SKILL.md and scripts for hidden/control characters and unusual string encodings before running.
What to consider before installing
Before installing or running anything from this skill: 1) Inspect every script (especially 02-install-claude-code.sh, 03-first-time-auth.sh, 04-install-subagents.sh, 05-setup-claude-mem.sh, 07-weekly-improvement-cron.sh) to see what network endpoints they call (git clone, curl, wget) and where they send data. 2) Don't provide API keys or credentials until you read 03-first-time-auth.sh to confirm how keys are used/stored/transmitted. 3) Treat the 'claude-mem' repo as third-party software — verify the pinned commit on GitHub and review its code. 4) Run the install in a disposable sandbox/VM or container and avoid running as root. 5) Check for creation of cron jobs, systemd units, or modifications to home/ssh/agent config; remove or disable automatic self-update/cron behavior if you want no persistence. 6) Search the scripts for commands that could exfiltrate secrets (curl/ftp/scp to unfamiliar hosts, base64/openssl uploads, or calls to external APIs) and for obfuscated strings or unicode control characters. 7) If you lack the ability to audit the scripts, decline installation or ask the maintainer for a minimal, transparent install option and explicit list of network endpoints and permissions.Like a lobster shell, security has layers — review code before you run it.
claude-codevk975z6cxgj5m2te0hmh4ktdba980rc23codingvk975z6cxgj5m2te0hmh4ktdba980rc23developmentvk975z6cxgj5m2te0hmh4ktdba980rc23latestvk975z6cxgj5m2te0hmh4ktdba980rc23subagentsvk975z6cxgj5m2te0hmh4ktdba980rc23
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🧑💻 Clawdis