Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

PhiProto CLI

v1.0.3

Use when working with .phiproto files, PhiProto messages, or converting between .phiproto and CSV with the bundled phicli binary. Trigger on requests to insp...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to provide a 'bundled phicli binary' for working with .phiproto files, and its instructions and auxiliary script do focus on decoding/encoding .phiproto as described. However, the binary is not actually bundled in the package; instead, getphi.sh downloads it from a GitHub release. This is a minor inconsistency and does not on its own make the skill unusable.
Instruction Scope
SKILL.md tells the agent to fetch phicli from github.com/chengongpp/phicli and then use it locally. The runtime instructions and helper script will download a remote executable into $HOME/.local/bin. The instructions do not request unrelated files/credentials, but they do direct network download and installation of an executable which expands the skill's scope beyond pure local file inspection. There is no integrity or signature check and the README claims the tool 'runs local-only' (a claim you cannot verify from this package).
Install Mechanism
There is no formal install spec in the registry; instead, the included getphi.sh uses wget to download a binary from a GitHub Releases URL (github.com/chengongpp/phiproto/releases/download/0.0.2/phicli) into $HOME/.local/bin. Downloading from GitHub Releases is common, but the script neither verifies checksums or signatures nor sets the executable bit (no chmod), which affects both usability and security. No archive extraction is done and the host is a well-known release host (GitHub), so the risk is moderate but notable because of the missing integrity checks.
Credentials
The skill does not request environment variables, credentials, or config paths. The only implicit use is $HOME as the target install location. There are no unrelated secrets or broad credential requests.
Persistence & Privilege
The skill writes a file into $HOME/.local/bin, which is a per-user persistent location and may affect future PATH behavior. always:false (no forced inclusion), and the skill does not modify other skills or system-wide settings. Writing to the user's bin directory is expected for a user-scoped tool but is a persistent change the user should be aware of.
What to consider before installing
This skill is coherent with its stated purpose but has two practical security concerns you should consider before installing or running it: 1) getphi.sh downloads an executable from a GitHub release and places it in ~/.local/bin without verifying a checksum or signature; 2) the script does not set the executable bit (chmod), so it may not be runnable as-is. If you want to use this skill safely: verify the GitHub repository and the release tag manually, prefer downloading a release with an accompanying hash/signature and verify it, run the binary in a sandbox or VM first, or ask the skill author to include a signed checksum or source code. If you cannot verify the binary, avoid executing it on sensitive systems.

