Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Convert-any-SaaS-application-into-an-Agentic-interface
v1.0.0Convert any website, SaaS product, or API into a live, discoverable, agent-executable integration. Use when the user asks to "convert a website", "turn this...
⭐ 0· 43·0 current·0 all-time
byDaniel Foo Jun Wei@danielfoojunwei
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill's goal (convert websites/SaaS/OpenAPI into an agent bundle and deploy it) aligns with needing a conversion tool, headless browser (Playwright), and Python. However, the SKILL.md actively instructs installing a GitHub-hosted Python package and platform tooling even though the skill metadata declared no install spec; also it promises deployment, discovery publishing, and backend wiring which legitimately require credentials/config but none are declared in the registry metadata.
Instruction Scope
The SKILL.md instructs the agent/operator to run commands that install packages from a GitHub repo, install Python via an external tool (uv), create virtual envs, and run Playwright installs. It also urges proactive 'do not skip' post-conversion steps that push toward deployment, publishing discovery files, and connecting to real APIs/databases. These instructions permit executing arbitrary third-party code and handling sensitive credentials; the file also directs reading many local bundle files but does not constrain where credentials or system state should come from.
Install Mechanism
Although the skill is 'instruction-only' (no declared install spec), the runtime instructions tell the operator to pip install directly from a GitHub repository (git+https://github.com/...). Installing a package from a repo executes whatever that repo contains and can run arbitrary code. The Playwright install step downloads browser binaries. Because installs are triggered by the instructions rather than a vetted install spec, this increases the attack surface and should be treated as risky unless the repo is audited/trusted.
Credentials
The registry metadata lists no required env vars or primary credential, but the SKILL.md explicitly guides the user toward backend connection, 'real API/database details', deployment settings, and publishing (which would normally require API keys, DB credentials, hosting credentials). The absence of declared credential requirements is a mismatch: the skill will likely prompt for or require sensitive credentials at runtime but gives no advance indication or guidance on what will be requested or how secrets are stored/used.
Persistence & Privilege
The skill is not always:true and does not claim to modify other skills or system-wide config. Autonomous invocation is allowed (the platform default), and the SKILL.md encourages proactive next steps, but there is no explicit request for permanent agent registration or automatic re-enablement. This is normal, though combined with the other concerns it increases the practical blast radius if run without isolation.
What to consider before installing
This skill will ask you (or your agent) to install and run code from a GitHub repo and to install Playwright and Python, and it will guide you to connect real APIs/databases and publish deployments — but the package/repo is not vetted here and the skill metadata doesn't declare required credentials. Before installing or running it: (1) review the GitHub repo source yourself (or ask for a packaged release on a trusted registry), (2) run any install steps in an isolated environment or container, (3) do not provide production credentials — use test accounts or scoped keys, (4) confirm how credentials will be stored/transmitted, and (5) consider asking the author for an explicit install spec and a list of exact environment variables/permissions the integration will need. These precautions reduce risk; the skill is coherent enough to be useful but contains several red flags that merit manual review.Like a lobster shell, security has layers — review code before you run it.
latestvk976ybh7erqw4waxqdxypq7fbs83te1k
License
MIT-0
Free to use, modify, and redistribute. No attribution required.