Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenClaw Use Case Catalog

v1.0.0

Comprehensive catalog of what people are doing with OpenClaw. Covers 15+ categories with real examples, sources, and inspiration. Use when asked about OpenCl...

0· 619·1 current·1 all-time
by Chunhua Liao (@chunhualiao)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description match the contents: this is a catalog of OpenClaw use cases. However, the SKILL.md instructs saving findings and running git commit && git push to a repo path ({github_org}/openclaw-skill-usecases). The skill declares no required credentials or env vars (e.g., no GIT or GitHub token). Asking the agent to perform pushes/SSH in examples without declaring or justifying credentials is a proportionality mismatch (likely because it's an instruction-only catalog, but it's still an inconsistency).
Instruction Scope
SKILL.md tells the agent to search the web, append bilingual entries to findings/YYYY-MM-DD.md, and commit/push. The bundled 'findings/' files include example snippets that show SSH commands, exec() usage, heartbeats, periodic scanning of SMS/messages and squeue via SSH. Those examples indicate workflows that access system resources and secrets (SSH keys, SMS 2FA). While the skill itself doesn't directly instruct the agent to read host secrets, the presence of operational examples that run commands and push changes broadens the scope and could cause accidental exposure if the agent is allowed to write files or push to GitHub.
Install Mechanism
No install spec and no code files to execute—this is instruction-only. That reduces direct install-time risk (nothing downloaded or extracted).
Credentials
Declared requirements: none. But the documented workflows and examples expect access to credentials/keys (GitHub pushes, SSH access to clusters, reading 2FA from messages, inbox scanning). Requiring no env vars while encouraging git pushes/SSH is disproportionate and ambiguous: if you enable agent actions, you'll need to decide which secrets to provide. There's risk of accidentally committing sensitive info into the findings files and then pushing to a remote repo.
Persistence & Privilege
Flags: always:false, user-invocable:true, model invocation allowed (default). The skill does not request persistent/automatic inclusion (no always:true). It contains suggestions for heartbeats/cron jobs in examples, but those are examples rather than settings in the manifest. No manifest-level privilege escalation observed.
Scan Findings in Context
[no_regex_matches] expected: Scanner found no code-pattern matches because this is an instruction-only skill with only markdown files. That means automated regex signals are limited; the SKILL.md and findings files must be reviewed manually (and were).
What to consider before installing
This is primarily a curated reference and is coherent with its stated purpose, but it contains and recommends operational examples that need credentials (git push, SSH, reading 2FA/messages, periodic heartbeats). Before installing or enabling this skill:

1) Do not grant it automatic write/push rights to your main GitHub account—use a dedicated repo and bot account if you want auto-push.
2) Review any findings files before committing to avoid accidental leakage of secrets or sensitive notes.
3) If you plan to implement examples (SSH, SMS monitoring, calendar access), provision dedicated, least-privilege credentials and service accounts; never reuse personal SSH keys or account tokens.
4) Consider removing or editing the git push/remote instructions in SKILL.md if you don't want the agent to push to a remote automatically.
5) If you lack operational controls, treat this as read-only documentation rather than an automation to run autonomously.

If you want, I can suggest safe edits to SKILL.md that remove or clarify the push/credential steps.

Like a lobster shell, security has layers — review code before you run it.
