Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Protea Self Evolving Life Agent

v1.0.0

Self-evolving artificial life agent. Three-ring architecture: Ring 0 (Sentinel) supervises, Ring 1 (Intelligence) drives LLM-powered evolution, Ring 2 (Evolv...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The skill claims to be a self-evolving agent (which legitimately needs LLM API keys, git, Python, and optional Telegram credentials). However, the registry metadata lists no required environment variables, no install steps, and no primary credential. That mismatch (SKILL.md listing LLM API keys and system prerequisites while the manifest declares none) is incoherent and unexplained.
! Instruction Scope
SKILL.md explicitly instructs: curl a remote setup.sh from GitHub and pipe to bash, then run run.py. The runtime instructions describe a program that self-modifies, runs LLM-driven code mutations, runs a Telegram bot, and exposes a web dashboard. These instructions direct the agent/operator to fetch and execute arbitrary remote code and to operate persistent, networked services — behavior that extends well beyond a simple helper skill and could modify local repositories and files.
! Install Mechanism
There is no formal install spec in the manifest, but SKILL.md tells the user to run curl https://raw.githubusercontent.com/…/setup.sh | bash. Piping an unsigned remote script to shell is high risk because it executes code fetched at runtime; the instruction does not pin a release or provide integrity checks.
! Credentials
The SKILL.md says 'At least one LLM API key (Anthropic, OpenAI, DeepSeek, or Qwen)' and the feature list implies Telegram tokens and likely other credentials. The declared manifest lists no required env vars or primary credential — a clear inconsistency. Asking for multiple LLM provider keys and a Telegram bot token (implied) is plausible for the described features but should be declared explicitly and minimized.
! Persistence & Privilege
The skill describes persistent behavior (git-managed Ring 2 repo, web dashboard, Telegram bot) and self-reproduction/self-evolution. While always:false, the runtime instructions create long-lived services and modify a local git repo, which gives significant persistence and privilege on the host. The skill also instructs executing remote setup scripts that may install persistent components.
What to consider before installing
This SKILL.md instructs you to download and run an unsigned remote setup script and to run a program that mutates and rewrites its own code, opens a local web UI, and runs a Telegram bot. Before installing:
(1) Do not run curl|bash on unreviewed scripts — instead inspect the setup.sh in the repo and verify a tagged release and checksum.
(2) Expect to provide LLM API keys and likely a Telegram token; only give keys you control and can revoke.
(3) Run first in an isolated VM or container with no access to sensitive files or credentials.
(4) Review the GitHub source (run.py and setup.sh), search for network/exfiltration or credential use, and prefer pinned releases.
(5) If you are not comfortable auditing self-modifying code, avoid installing or restrict network and filesystem permissions tightly.
