Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Trigger Evaluator

v1.0.0

Evaluate real OpenClaw trigger rules against the current database state. Use for heartbeat-style trigger checks, especially stale mission detection backed by...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability (flagged)
The skill claims to 'wrap' the real stale_missions_engine and to inspect trigger rows, which aligns with its name. However it hardcodes a workspace path (/home/cmart/.openclaw/workspace) and a production engine path rather than declaring that it requires access to that workspace or the engine. It also assumes a specific Docker container name and DB credentials. Those hardcoded assumptions are not proportional to the stated, narrow purpose and reduce transparency.
Instruction Scope (flagged)
The evaluate command execs the production engine script directly (exec "$ENGINE"). That script is not bundled here; running it may read other files, mutate the database, send alerts, or perform network operations beyond simple evaluation. The SKILL.md describes only 'evaluate' and 'inspect' but does not warn that the engine may have side effects. The inspect command runs docker exec psql to read the trigger rule row which matches the described inspect purpose.
Install Mechanism
This is an instruction-only skill with no install spec, so nothing will be written to disk by an installer. That is the lower-risk option for installation mechanism.
Credentials (flagged)
The skill declares no required environment variables or binaries, but the script implicitly requires: access to /home/cmart/.openclaw/workspace, an executable engine at that path, and the docker CLI plus permission to talk to the Docker daemon (to run docker exec against 'supabase-db'). It also hardcodes DB_USER/DB_NAME and a container name. These implicit privileges and hardcoded credentials are disproportionate and undocumented.
Persistence & Privilege
The skill does not request 'always: true' and is user-invocable only. Autonomous invocation is allowed (platform default). Coupled with the ability to exec a production engine script, this gives the skill potential to perform impactful actions if run autonomously — not a direct configuration flag but an operational risk to consider.
What to consider before installing
This skill will run a production engine script from a hardcoded user workspace and run docker exec to query your DB container, but it does not declare those dependencies. Before installing:
1) Review the actual engine script at /home/cmart/.openclaw/workspace/scripts/stale_missions_engine.sh to confirm it is safe and idempotent.
2) Ensure you are comfortable granting the agent access to Docker (docker CLI and Docker daemon) and that the container name 'supabase-db' and DB credentials are correct for your environment.
3) Prefer a version that documents required binaries/env vars (docker, path to engine) or that bundles a read-only inspect-only mode if you only want to view trigger definitions.
If you cannot inspect the engine or do not want the agent to execute production scripts, do not install or run the evaluate command.
