Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Iran Briefing
v1.3.0
Real-time Iran crisis intelligence — decision-oriented briefing with situation assessment, active threads, events, social signals, prediction markets, and 70...
⭐ 1 · 265 · 0 current · 0 all-time
by @dachein
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the instructions (aggregator of briefings, events, posts, markets). Nothing in the SKILL.md requires system binaries, local files, or cloud credentials, which is proportionate — however the skill routes all queries to an external domain (skill.capduck.com) not documented in the registry metadata or accompanied by a homepage or source repository, which reduces transparency.
Instruction Scope
Runtime instructions explicitly tell the agent to curl https://skill.capduck.com/iran and to follow many endpoints on that domain. The SKILL.md does not clarify what request parameters or user context will be sent; if the agent includes user prompts or local context in those requests it could leak sensitive input. The instructions also recommend using external services (Polymarket CLOB API, iranmonitor.org) without declaring how credentials or rate limits are handled.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is written to disk by the skill itself, which minimizes installation risk.
Credentials
No environment variables, credentials, or config paths are requested in the manifest. That is proportionate to a read-only briefing/aggregation skill. However, the manifest lacks explicit disclosure that the skill performs outbound network calls to a third-party API, which is the main privacy/credential risk vector.
Persistence & Privilege
The skill does not request always:true and does not ask to modify other skills or system settings. It is user-invocable and allows autonomous invocation by default, which is normal for skills but increases blast radius if the external endpoint is untrusted.
What to consider before installing
This skill appears to be an instruction-only aggregator that fetches data from an external API (skill.capduck.com) but provides no homepage, source code, or privacy statement. Before installing or invoking it:
1) Ask the publisher for provenance (who operates skill.capduck.com, data-retention and privacy policy, and source code).
2) Avoid sending sensitive prompts or local context when testing — treat queries as going to an unvetted third party.
3) If possible, run it in a restricted environment or with network egress controls to limit data leakage.
4) Prefer skills with a published homepage or repository and documented API endpoints; if you must use this skill, limit autonomous access and monitor outgoing requests.
If you need higher assurance, request the skill be published with source and a verified owner before use.
Like a lobster shell, security has layers — review code before you run it.
latest vk97c2cqy8dd0x673kkx6wanfe583zq0j
Runtime requirements
🇮🇷 Clawdis
