Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Stitch Design Agent

v1.0.2

Skill for an agent that integrates designs generated by Google Stitch directly into an app under development. Use this skill whenever the agent needs to: aut...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Suspicious
View report →
OpenClaw
Suspicious
medium confidence
Purpose & Capability (flagged)
The SKILL.md clearly requires a STITCH_TOKEN (Google OAuth token / service account key) and describes writing code into the active project; however the registry metadata lists no required env vars, no primary credential, and no config paths. That mismatch (declared zero credentials vs. SKILL.md requiring STITCH_TOKEN and optionally service-account keys) is incoherent and should be corrected before trusting the skill.
Instruction Scope (flagged)
Instructions direct the agent to read process.env.STITCH_TOKEN, call an external API, create files under src/components/*.tsx, scan the repo (grep), inject imports/JSX, and run build/lint commands (npx tsc, npm run lint). Those actions are consistent with the stated integration purpose but they grant the skill broad ability to modify the user's codebase and run tooling — the SKILL.md also implies handling service-account private material. The instructions access secrets and modify source; that is expected but high-impact and not reflected in metadata.
Install Mechanism
No install spec and no code files — instruction-only skill. This minimizes disk-side risk since nothing is downloaded or installed by the skill itself.
Credentials (flagged)
The SKILL.md requires a STITCH_TOKEN and suggests requesting the OAuth scope https://www.googleapis.com/auth/cloud-platform. cloud-platform is very broad (access across GCP) and likely overprivileged for a single Stitch API; service-account flows imply private keys. These sensitive credentials are not declared in the registry metadata. Requesting wide-scope OAuth tokens without justification is disproportionate.
Persistence & Privilege
The skill is not marked always:true and does not claim to modify other skills or system-wide settings. It will write into the active project and run local build tools, which is expected for its purpose but should be an explicit, user-approved capability.
What to consider before installing
Before installing, confirm the skill's origin (homepage/owner) and ask the publisher to fix the metadata to list STITCH_TOKEN (and any service-account key) as required. Do not grant a token with the cloud-platform scope unless you understand and accept the broad GCP privileges; prefer a least-privilege scope if Stitch exposes one. Expect the agent to write files into your repo and run build/lint commands — run this in a sandbox or on a branch, review generated code before committing, and ensure CI/linters/tests gate commits. If using a service account, store keys securely and restrict them to only the APIs needed. If the publisher cannot justify the scopes/credentials or provide a trustworthy homepage/source, treat the skill with caution and avoid installing it in production environments.
