Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
BugPack
v1.0.2
BugPack - AI-powered bug tracking and fixing toolkit. List bugs, view bug details with screenshots, and fix bugs automatically. Includes three workflows: lis...
⭐ 0 · 142 · 0 current · 0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw
Verdict: Suspicious (high confidence)
Purpose & Capability
The name/description (BugPack, local bug tracking + fixing) aligns with the instructions to call a local server (http://localhost:3456) and to list/view/fix bugs. However, the stated capability inherently requires access to the local codebase and filesystem, which the skill does not explicitly declare or limit.
Instruction Scope
SKILL.md tells the agent to run or rely on a local BugPack server (npx bugpack-mcp) and to use 'relatedFiles' or 'pagePath' to locate relevant source code, then 'apply fix: edit source code' and mark bugs as fixed. Those instructions require reading and writing arbitrary local files and interpreting paths provided by the server — potentially exposing secrets or modifying sensitive files. The instructions do not constrain which files may be touched, nor require explicit user review before edits.
Install Mechanism
No install spec in the skill package, but the SKILL.md explicitly instructs starting the server with 'npx bugpack-mcp'. npx will fetch the package from the npm registry and execute it (network download + run), which is equivalent to running arbitrary third-party code on the machine. Because the command names no version, each run resolves whatever is currently published, so a package that was audited once may not be the one that runs next time. That is a high-risk operation and is not vetted or sandboxed by the skill.
Credentials
The skill declares no required env vars or config paths, but runtime behavior (reading 'relatedFiles', screenshots, environment, and modifying source files) implies access to arbitrary local filesystem paths and project data. The lack of declared required permissions or explicit limitations makes the requested access disproportionate and opaque.
Persistence & Privilege
The skill does not request permanent 'always' inclusion and does not declare changing other skills' configs. However, because it runs with the default autonomous-action setting while instructing the agent to edit local code and to run an npm package, the potential blast radius is larger than the declared permissions suggest; consider restricting autonomous execution or requiring manual confirmation for file changes.
What to consider before installing
This skill appears to do what it says, but it relies on running 'npx bugpack-mcp' (which downloads and runs code from npm) and instructs the agent to locate and edit local source files. Before using it:
1) Inspect the 'bugpack-mcp' package source (do not run npx blindly).
2) Run the server in a sandboxed or disposable environment (container / dedicated VM) if you must.
3) Back up your repository and enable version control protection (review edits as PRs, require human approval) so automated fixes cannot overwrite important files.
4) Confirm that 'relatedFiles' paths cannot point at secrets or system files.
5) Prefer disabling autonomous edits: require the agent to produce patch suggestions for manual review rather than applying changes automatically.
If you cannot audit the npm package or are uncomfortable with file-system edits, do not enable this skill.
Like a lobster shell, security has layers — review code before you run it.
latest: vk97ehjcphvh5rh9ws9bjm8men18358b6
Runtime requirements
📦 Clawdis
