ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Acp

v0.1.4

ACP channel plugin for OpenClaw — configure and use. Covers single/multi identity configuration, strict 1:1 binding policy (agentId <-> accountId), agent.md...

0· 707·5 current·5 all-time
by@coderxjeff
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (ACP channel plugin) align with requested binaries (git, node, npm, curl) and the SKILL.md content: installing a plugin, editing OpenClaw config, creating agent.md, and calling ACP endpoints are all coherent with the stated purpose.
Instruction Scope
SKILL.md instructs the agent to read/write many local configuration files (~/.openclaw/openclaw.json, ~/.openclaw/identities/*.json, ~/.acp-storage/*), create agent.md files, mutate bindings, enable plugin entries, and restart the gateway. Those operations are expected for channel/plugin setup but are high-impact changes to local config and device identity files and should be explicitly authorized by the user before execution.
Install Mechanism
The skill is instruction-only (no registry install spec) and tells the agent to git clone https://github.com/coderXjeff/openclaw-acp-channel (with Gitee fallback) and run npm install. Cloning from GitHub/Gitee is a common/traceable approach, but it will pull and install external code on disk and run package installs — verify the repository and its dependencies before running.
Credentials
No environment variables or external credentials are requested by the skill itself. The SKILL.md does cause local secrets to be generated/stored (seedPassword written into openclaw.json and private keys under ~/.acp-storage), which is proportional to the channel's function but sensitive — ensure those files are protected and that you trust the code that will consume them.
Persistence & Privilege
always:false (not force-included). The skill's instructions cause persistent changes (cloning into ~/.openclaw/extensions/acp, writing openclaw.json, creating ~/.acp-storage entries, device identity modifications). This persistence is reasonable for a channel/plugin installer, but because it modifies global OpenClaw config and identity files, the user should confirm intent and back up configs prior to applying changes.
Assessment
This skill is essentially a how-to for installing/configuring an ACP channel plugin and coherently asks the agent to modify OpenClaw config, create identity files, and clone+install a repo from GitHub/Gitee. Those actions will write persistent, sensitive files (seedPassword, keys, openclaw.json bindings) and run npm installs. Before proceeding: 1) verify and manually inspect the referenced repository (https://github.com/coderXjeff/openclaw-acp-channel) and its package.json; 2) back up ~/.openclaw/openclaw.json and related identity files; 3) decide whether you want allowFrom default ["*"] and set ownerAid appropriately; 4) consider performing the install in a sandbox or VM if you cannot audit the code; 5) only authorize modifications (bindings, device identity files, gateway restart) when you understand their consequences.

Like a lobster shell, security has layers — review code before you run it.

latestvk978zjqmb8ns1ks4q7jmn08b3581tdy0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📡 Clawdis
Binsnode, npm, git, curl

Comments