ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Windows Notifier

v1.1.1

Send native Windows desktop notifications for local reminders, alerts, and background-attention events. Use when the user wants a Windows popup, a local toas...

0· 296·1 current·1 all-time
by@dougzl
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Windows desktop notifications) align with the included script and SKILL.md. The script implements a WPF path on Windows and a node-notifier fallback; the single declared dependency (node-notifier) is appropriate.
Instruction Scope
SKILL.md explicitly tells the agent to run the included send-notification.js from the user's OpenClaw workspace; the script only references the skill directory, platform probes (process.platform), and spawns PowerShell or npm as needed. Note: the script auto-runs `npm install` in the skill directory on first run and invokes PowerShell with '-ExecutionPolicy Bypass' to run a generated script — both are expected for the stated behavior, but they cause execution of code and shell commands on the host.
Install Mechanism
No platform install spec is provided; the skill is instruction+code and auto-installs dependencies by invoking `npm install` in its skill folder. This pulls packages from the public npm registry (node-notifier and its deps). This is proportionate to the task but does mean network access and execution of package install scripts on first run.
Credentials
The skill declares no required environment variables or credentials. The SKILL.md and script reference standard runtime env items (USERPROFILE, ComSpec) to locate the skill and choose the shell on Windows; these are reasonable and expected for local notification behavior.
Persistence & Privilege
The skill is not always-enabled, does not request elevated system-wide privileges, and only writes into its own skill directory when installing npm deps. It does spawn child processes (PowerShell, npm) as part of normal operation; agent autonomous invocation remains the platform default but is not combined here with other broad privileges.
Assessment
This skill appears to do exactly what it says: show local Windows notifications. Before installing, be aware it will (a) run the included JavaScript on your machine, (b) automatically run `npm install` in the skill directory (pulling node-notifier and deps from the public npm registry), and (c) invoke PowerShell (using -ExecutionPolicy Bypass) to display WPF-based UI on Windows. These behaviors are expected for a notification helper but mean network access and execution of downloaded package scripts are possible. If you have strict supply-chain or network policies, review the node-notifier package/version in package-lock.json, or run the skill in a restricted environment. If you accept those trade-offs, the skill is coherent with its stated purpose.
scripts/send-notification.js:27
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk978mzsfmm12q5w3pbna098sen83n1c4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments