Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

WorkOS

v1.0.0

Manage enterprise SSO, Directory Sync (SCIM), Admin Portal, and user management via WorkOS API. Use when asked to set up SSO for an organization, provision u...

0· 65·1 current·1 all-time
MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name, description, and runtime instructions consistently target the WorkOS API (SSO, SCIM, Admin Portal, user management). The requested API calls match the stated purpose.
Instruction Scope
SKILL.md contains concrete curl examples for WorkOS endpoints and only references API inputs (organization id, connection id, auth code, client id) and environment variables (WORKOS_API_KEY). It does not instruct the agent to read unrelated files or system paths. However, the instructions do require credentials (an API key, plus a client ID placeholder) that the skill manifest does not declare.
Install Mechanism
No install spec and no code files — instruction-only skill. This minimizes disk-write/installation risk.
Credentials
SKILL.md explicitly requires WORKOS_API_KEY and uses WORKOS_CLIENT_ID in examples, but the registry metadata lists no required env vars and no primary credential. That mismatch is a red flag: the skill will expect and consume credentials at runtime even though none are declared. Requesting an API key for the target service is reasonable, but the manifest should list it. The skill will use whatever API key the agent or environment supplies, so provide least-privilege credentials and confirm exactly what is required.
Persistence & Privilege
always is false and model invocation is allowed (platform default). The skill does not request persistent system changes or to modify other skills. No elevated persistence requested.
Scan Findings in Context
[no-regex-findings] expected: The repository contained only an instruction file (SKILL.md), so the regex-based scanner had no code to analyze. This is expected for an instruction-only skill, but it means static scans offer little signal.
What to consider before installing
- SKILL.md needs a WORKOS_API_KEY (and shows a WORKOS_CLIENT_ID), but the skill metadata declares neither. Ask the publisher to update the manifest to list the required env vars and the primary credential.
- Provide only a least-privilege WorkOS API key scoped to the operations you need (a read-only key if you only need listings). Avoid full-admin keys unless necessary.
- Because this is an instruction-only skill, it makes outbound API calls with whichever WORKOS_API_KEY is available to the agent. Monitor WorkOS audit logs for unexpected activity and rotate the key if you see misuse.
- Verify the skill's source and owner before trusting it: there is no homepage and the owner ID is opaque. If you cannot verify provenance, test in a non-production environment with test credentials.
- Ask the publisher to declare WORKOS_API_KEY (and WORKOS_CLIENT_ID if required) in the registry and state the minimal scopes required; that resolves the main inconsistency observed here.
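The credential mismatch called out above (instructions that read WORKOS_API_KEY while the manifest declares nothing) is easy to check mechanically before installing. The script below is an added example, not ClawHub's scanner or the skill author's code: it extracts the environment variables a SKILL.md tells the agent to use, compares them with what the manifest declares, and separates secret-looking names from plain identifiers. The SKILL.md excerpt and manifest are constructed for the example, and the manifest layout (a JSON object with an "env" list) is an assumption about the registry schema, not its documented format.

```python
"""Audit a skill's instruction file for credentials it consumes but does not declare.

Added example, not ClawHub's scanner. The manifest layout (a JSON object with an
"env" list of variable names) is an assumption; adapt declared_env_vars() to the
real registry schema.
"""
import json
import re

# $VAR or ${VAR} inside shell/curl examples
SHELL_REF = re.compile(r"\$\{?([A-Z_][A-Z0-9_]*)\}?")
# `VAR_NAME` mentioned in prose ("export `WORKOS_API_KEY` ...")
PROSE_REF = re.compile(r"`([A-Z][A-Z0-9_]{3,})`")
# Name suffixes that usually denote a secret rather than a public identifier
SECRET_SUFFIXES = ("_KEY", "_SECRET", "_TOKEN", "_PASSWORD")

# Constructed SKILL.md excerpt modelled on the curl examples the scan describes.
SKILL_MD = """\
# WorkOS

Export `WORKOS_API_KEY` before running any of the commands below.

List organizations:

    curl https://api.workos.com/organizations \\
      -H "Authorization: Bearer $WORKOS_API_KEY"

Start an SSO login (client_id is the WorkOS client identifier):

    curl "https://api.workos.com/sso/authorize?client_id=${WORKOS_CLIENT_ID}&connection=<connection-id>&response_type=code"
"""

# Constructed manifest in the assumed shape: no env vars declared, as on this page.
MANIFEST_JSON = '{"name": "workos", "version": "1.0.0", "env": []}'


def referenced_env_vars(skill_md: str) -> set[str]:
    """Environment variables the instructions tell the agent to read."""
    names = set(SHELL_REF.findall(skill_md))
    names.update(PROSE_REF.findall(skill_md))
    return names


def declared_env_vars(manifest: dict) -> set[str]:
    """Variables the manifest declares (assumed: list under "env" of strings or {"name": ...})."""
    declared = set()
    for entry in manifest.get("env", []):
        declared.add(entry if isinstance(entry, str) else entry["name"])
    return declared


def looks_secret(name: str) -> bool:
    """Heuristic: names ending in a secret-like suffix need a least-privilege credential."""
    return name.endswith(SECRET_SUFFIXES)


def audit(skill_md: str, manifest_json: str) -> dict:
    """Split undeclared references into secrets (treat as an install blocker) and other inputs (warn)."""
    undeclared = referenced_env_vars(skill_md) - declared_env_vars(json.loads(manifest_json))
    return {
        "undeclared_secrets": sorted(n for n in undeclared if looks_secret(n)),
        "undeclared_other": sorted(n for n in undeclared if not looks_secret(n)),
    }


if __name__ == "__main__":
    for kind, names in audit(SKILL_MD, MANIFEST_JSON).items():
        print(f"{kind}: {names}")
```

Run against the constructed inputs it reports WORKOS_API_KEY as an undeclared secret and WORKOS_CLIENT_ID as an undeclared non-secret input; once both names appear in the manifest's "env" list, both buckets are empty. The regexes only catch `$VAR`, `${VAR}` and backticked ALL_CAPS names, so instructions that name a variable some other way still need a manual read.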

Like a lobster shell, security has layers — review code before you run it.

Tags: directory, enterprise-auth, latest, saml, scim, sso, workos

