Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Clawdhub 1.0.0


Use the ClawdHub CLI to search, install, update, and publish agent skills from clawdhub.com. Use when you need to fetch new skills on the fly, sync installed...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description, required binary (clawdhub), and provided runtime instructions align: this is a thin wrapper instructing the agent to use the ClawdHub CLI to search/install/update/publish skills. The declared install (npm package 'clawdhub') is appropriate for that purpose.
Instruction Scope
SKILL.md only instructs use of the clawdhub CLI (search/install/update/list/publish). It references the default registry URL and the local workdir/install dir. This stays within the expected scope, but it also documents behavior that writes to the agent's working directory (default ./skills) and performs updates based on local file hashes, which are actions that modify the local filesystem and can change installed skills.
Install Mechanism
The install spec uses npm to install the 'clawdhub' package, which is a typical mechanism for a CLI. That carries moderate risk because it will download and run code from the npm registry; the package source and maintainer reputation are not provided here, so users should verify the npm package before installing.
Credentials
The skill's manifest declares no required environment variables or primary credential, but SKILL.md explicitly mentions CLAWDHUB_REGISTRY as an environment override and documents 'clawdhub login' for publishing (which implies storage/usage of credentials/tokens). This mismatch (undeclared env var and implicit credential handling) is a proportionality/visibility issue: the skill may cause credential storage or honor an env var that can point to arbitrary registries, but these are not surfaced in the manifest.
Persistence & Privilege
always:false and no special config paths or permanent privileges are requested. The skill will install a CLI binary and perform filesystem writes in its workdir (expected behavior). There is no sign it modifies other skills' config or system-wide settings.
What to consider before installing
This skill appears to be an instruction-only wrapper for an npm CLI that manages skills. Before installing or running it:
1) Verify the 'clawdhub' npm package and its publisher on the npm registry (packages can be malicious or compromised).
2) Be aware the CLI writes to the current working directory by default (./skills) and can update installed skills; set --workdir/--dir to a safe location.
3) The SKILL.md mentions 'clawdhub login' and an environment override CLAWDHUB_REGISTRY, but the manifest does not declare any credentials or env vars. Expect credential storage (tokens) and the ability to point the CLI to an arbitrary registry; don't run login or change the registry unless you trust the destination.
4) If you need higher assurance, inspect the npm package source (or run the CLI in a sandbox) to see exactly what it stores and where it communicates.
These inconsistencies justify caution but are not definitive proof of malice.


Runtime requirements

Bins: clawdhub

Install

Install ClawdHub CLI (npm)
Bins: clawdhub
npm i -g clawdhub
