Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Dotfile Sync Manager
v0.1.0
Synchronization management with external tools. chezmoi - dotfile template management [chezmoi.md], knowledge - session knowledge → Serena memory [knowledge....
by es6kr@drumrobot
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence

Purpose & Capability
The name/description (dotfile/sync management) aligns with the instructions (chezmoi, Syncthing, MCP, and knowledge sync). However, the skill expects to read and modify multiple user config files (~/.claude.json, ~/.cursor/mcp.json, ~/.utcp_config.json, Syncthing config.xml, chezmoi templates) while declaring no required config paths or credentials — a mild incoherence. Writing a single source of truth for MCP servers to many apps is consistent with the stated purpose but has high impact and should be explicit.
Instruction Scope
The SKILL.md instructs the agent to read local config files (Syncthing config.xml), extract an API key, call local REST endpoints (curl to localhost:8384), edit and apply chezmoi templates (which will modify many app configs), and delete index directories (rm -rf index-v2). It also instructs extracting 'infrastructure info' from conversations and writing it to Serena memory, which may capture and persist sensitive details from user sessions. Those file reads, writes, destructive operations, and memory writes go beyond simple advisory tasks and require explicit user consent and clearer limits.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest installation risk. There is no downloaded code or installation script to evaluate.
Credentials
The skill declares no required env vars or credentials, but its instructions access local configuration files (which may contain API keys/tokens) and use local service APIs (Syncthing) and internal MCP/UTCP tools for Serena memory writes. Because sensitive data may be read from those files and then transmitted to Serena memory or propagated across apps, the lack of declared credentials/config paths is disproportionate and reduces transparency.
Persistence & Privilege
The 'always' flag is false and the skill is not permanently installed, which limits persistent attack surface. However, its runtime behavior includes overwriting centralized dotfile templates and MCP server lists (which have cross-application scope) and saving into Serena memory — actions that have persistent effects on the user's environment and stored data and therefore require explicit confirmation.
What to consider before installing
This skill largely does what it says (manage chezmoi/Syncthing/MCP and save session knowledge), but it performs sensitive actions: reading local config files (including Syncthing's config.xml to extract an API key), calling the Syncthing REST API on localhost, modifying chezmoi templates that propagate to multiple app configs, and deleting Syncthing index directories (destructive). It also extracts and writes conversation-derived 'infrastructure info' into Serena memory, which could persist sensitive details.

Before installing or invoking:
1) Back up your chezmoi source and any app config files the skill touches (e.g., ~/.claude.json, ~/.cursor/mcp.json, ~/.utcp_config.json, Syncthing config/index directories).
2) Require explicit prompts/consent before the skill performs destructive actions (index deletion, rm -rf).
3) Confirm where Serena memory is stored and who can access it; avoid automatically persisting sensitive conversation content.
4) Validate local Syncthing API behavior and ensure API keys are handled only locally and not exfiltrated.
5) Consider running the skill in a supervised mode (user-invoked only) rather than allowing autonomous invocation until you're comfortable with its actions.
latest: vk9742a2hk715tr17r0rhsph9v583yp92
