Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Skeall Skill Builder

v1.0.0

Agent Skills (SKILL.md) builder, auditor, and improver for cross-platform LLM agents. Use for "skeall", "build a skill", "create skill", "improve skill", "au...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description (skill builder, auditor, improver) match the content: SKILL.md and references contain scaffolding, templates, scan and healthcheck algorithms, and usage examples. The file references and checks (skill dirs, frontmatter rules, references/) are exactly what a skill-auditor/builder would need.
Instruction Scope
Runtime instructions explicitly instruct reading SKILL.md and reference files and performing healthchecks that probe local platform registries and logs (e.g., ~/.openclaw/openclaw.json, ~/.claude/settings.json, ~/.openclaw/logs/), scanning for file references, and issuing HTTP HEAD/GET checks against referenced URLs. Those actions are coherent for an auditor but involve reading local config and session logs and making network requests — a privacy-sensitive but expected scope for this tool.
Install Mechanism
Instruction-only skill with no install spec and no code files to download or execute. This minimizes disk-write and remote code risks.
Credentials
The skill does not declare required environment variables or credentials. SKILL.md does describe detecting $VARS referenced inside scanned skills (R6) and will report missing env vars, which is appropriate for an auditor. The skill does not request unrelated secrets or cloud credentials.
Persistence & Privilege
always:false and no install behavior; the skill does not request permanent presence or claim it will modify other skills' configs. Healthcheck reads platform registries and logs (read access) but does not include instructions that automatically write or reconfigure other skills. Autonomous invocation is allowed by default (platform default) but not combined with other concerning privileges.
Assessment
This skill appears to be what it claims: a local SKILL.md builder/auditor. Before installing or granting it autonomous access, note that its healthcheck mode will read local skill directories and platform config files (e.g., ~/.openclaw/, ~/.claude/, ~/.agents/) and may scan session logs and make HTTP requests to any URLs found in skills. Those behaviors are expected for an auditor but can reveal sensitive local metadata. Recommendations: (1) run its scan/healthcheck manually first in a safe directory to review outputs, (2) avoid pointing it at directories containing sensitive logs or secrets, (3) review any proposed automatic fixes before applying them (backup configs first), and (4) if you will let it run autonomously, restrict scope or monitor its activity until you’re comfortable.

Like a lobster shell, security has layers — review code before you run it.
