Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Book Locksmith

v1.0.1

Book locksmith services through Lokuli MCP. Use when the user needs to find and book a locksmith. Triggers on requests like "book a locksmith", "find locksmith near me", or any locksmith service request.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The skill claims to book locksmiths via Lokuli's MCP endpoint, which is consistent with the name/description. However, the SKILL.md references an external API (https://lokuli.com/mcp/sse) but declares no credentials or auth mechanism. Booking services normally require authenticated API access and confirmation of customer details; the absence of any declared auth or explanation is a mismatch.
! Instruction Scope
Instructions show JSON-RPC payloads for search, check_availability, and create_booking and would transmit personal data (customerName, customerEmail, customerPhone). The SKILL.md provides hardcoded example values (zipCode 90640, sample customer info) and gives no guidance to prompt the user for consent/verification, or to validate/location-match before placing a booking. It does not instruct reading unrelated system files or env vars, which is good, but it also lacks necessary runtime steps (auth, user confirmation, explicit input collection).
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so it does not write code to disk or pull external packages. That minimizes install-time risk.
! Credentials
The registry metadata lists no required environment variables or primary credential, yet the SKILL.md expects the agent to call an external MCP endpoint. If the endpoint requires an API key/session token, that credential is missing from the declared requirements. Additionally, the skill will handle user PII for bookings but provides no declared requirement or guidance for securely obtaining/storing that data.
Persistence & Privilege
The skill is not always-enabled (always: false), is user-invocable, and does not request system or other skills' configuration. It does not request persistent presence or elevated privileges.
What to consider before installing
This skill appears to do what it says (book locksmiths) but is incomplete and potentially risky in practice. Before installing or enabling it, ask the publisher or maintainer:
(1) How is authentication to https://lokuli.com/mcp/sse handled? Where would an API key or token be stored?
(2) Will the agent always prompt you to confirm address, zip code, date/time, and your contact details before creating a booking?
(3) Is there a sandbox or dry-run mode to test behavior without placing real bookings or charges?
(4) Does lokuli.com have a privacy/security policy you can review?
If you proceed, require the skill to explicitly prompt for and confirm all personal info and to surface any costs/charges before creating bookings. Because the SKILL.md uses hardcoded ZIP and sample PII and provides no auth details, treat it as untrusted until these questions are answered.
