Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Komandr

v1.0.0

Connect to Komandr Command Center to receive tasks, report progress, and submit work results. Komandr is a task orchestration platform where humans assign wo...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
- VirusTotal: Suspicious
- OpenClaw: Suspicious (medium confidence)
Purpose & Capability (flagged)
The skill's declared purpose (connect to Komandr to receive tasks and report results) matches the included CLI bridge and API reference. However, the registry metadata lists no required environment variables and no primary credential, while SKILL.md and the bridge script both require KOMANDR_API_KEY and optionally KOMANDR_URL. The lack of a homepage or source provenance further reduces confidence in the package.
Instruction Scope
The runtime instructions and the CLI script keep their scope to task lifecycle API calls (me, heartbeat, poll, accept, progress, submit, fail). SKILL.md explicitly tells the agent to "perform whatever the task asks" (write code, research, generate content). That is expected for a task orchestration skill, but it grants the agent broad operational discretion and is worth noting.
Install Mechanism
No install spec is provided: the skill is instruction-only with a local bridge script. It specifies no remote download or package installation, so no automated install step writes anything to disk; the only copy is the one the user performs manually, as the instructions describe.
Credentials (flagged)
The bridge script requires a secret API key (KOMANDR_API_KEY, prefix 'km_') and sends it as a Bearer token to the configured KOMANDR_URL. The registry metadata does not declare these env vars or a primary credential, so the manifest is inconsistent with the script. No other credentials are requested, which is proportionate, but the omission from the metadata and the fact that a secret is transmitted to a remote server are both notable.
Persistence & Privilege
The skill does not request persistent or global privileges (always:false). It does not modify other skills or system-wide settings. It simply makes outbound API calls using the provided API key.
What to consider before installing
- The bridge will send the KOMANDR_API_KEY (a secret starting with km_) to whatever KOMANDR_URL you configure (default https://komandr.vercel.app). Only use a key you trust the remote service with; prefer a least-privilege or ephemeral key.
- The registry metadata omits the required environment variables and gives no homepage or provenance. That may be an oversight, but it reduces trust; prefer packages with clear authorship and documentation.
- The skill lets humans assign arbitrary tasks that the agent is expected to execute. If you enable autonomous invocation, an agent could be instructed to access networks, generate code, or operate on repositories; consider running this skill in a sandboxed environment.
- Review the included script (scripts/komandr-bridge.ts) yourself; it is small and does only HTTP calls using the API key. If you accept this skill, verify that KOMANDR_URL points at the host you expect, and consider monitoring outbound traffic or using an egress allowlist.
- If you need to proceed: create a limited-scope Komandr API key, avoid high-privilege credentials, verify the server TLS certificate and hostname, and update the registry metadata to declare the required env vars so the manifest matches behavior.
- If you require higher assurance, ask the publisher for a homepage, source repository, and signed release artifacts before installing.
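The checks recommended above (an allowlisted https host for KOMANDR_URL, a km_-prefixed key, and the key attached only to requests that stay on that host) as one TypeScript module. This is an added example, not the bridge script shipped with the skill: ALLOWED_HOSTS, validateKomandrUrl, validateApiKey, loadConfig, buildRequest and redactKey are names chosen here, the /api/poll path in the usage call is a placeholder because the page does not give endpoint paths, and the character set accepted after the km_ prefix is an assumption.

```typescript
// Added example, not the skill's bridge script: guard KOMANDR_URL and
// KOMANDR_API_KEY before the key is ever placed in an Authorization header.
// ALLOWED_HOSTS, the function names and the /api/poll path are assumptions.

// Hosts the operator has explicitly approved. The page's default is
// komandr.vercel.app; any other host must be a deliberate opt-in.
export const ALLOWED_HOSTS: ReadonlySet<string> = new Set(["komandr.vercel.app"]);
export const DEFAULT_URL = "https://komandr.vercel.app";

export class ConfigError extends Error {}

export interface BridgeConfig {
  baseUrl: URL;   // validated https origin
  apiKey: string; // validated km_ key
}

// Accept only an https URL on an allowlisted host with no embedded
// credentials, query string or fragment.
export function validateKomandrUrl(raw: string, allowed: ReadonlySet<string> = ALLOWED_HOSTS): URL {
  let url: URL | undefined;
  try {
    url = new URL(raw);
  } catch {
    // fall through to the check below
  }
  if (!url) throw new ConfigError(`KOMANDR_URL is not a valid URL: ${raw}`);
  if (url.protocol !== "https:") throw new ConfigError(`KOMANDR_URL must use https, got ${url.protocol}`);
  if (url.username || url.password) throw new ConfigError("KOMANDR_URL must not embed credentials");
  if (url.search || url.hash) throw new ConfigError("KOMANDR_URL must not carry a query string or fragment");
  if (!allowed.has(url.hostname.toLowerCase())) throw new ConfigError(`KOMANDR_URL host ${url.hostname} is not allowlisted`);
  return url;
}

// The page says the key is a secret with the km_ prefix; the character set
// after the prefix is an assumption. Rejecting other shapes stops a token for
// some other service from being sent to Komandr by mistake.
export function validateApiKey(raw: string | undefined): string {
  const key = (raw ?? "").trim();
  if (key === "") throw new ConfigError("KOMANDR_API_KEY is not set");
  if (!/^km_[A-Za-z0-9_-]+$/.test(key)) throw new ConfigError("KOMANDR_API_KEY does not look like a km_ key");
  return key;
}

// Read both settings from an environment map (process.env in the real bridge).
export function loadConfig(env: Record<string, string | undefined>, allowed: ReadonlySet<string> = ALLOWED_HOSTS): BridgeConfig {
  return {
    baseUrl: validateKomandrUrl(env.KOMANDR_URL ?? DEFAULT_URL, allowed),
    apiKey: validateApiKey(env.KOMANDR_API_KEY),
  };
}

// Build the URL and headers for one lifecycle call. The key is attached only
// here, and only if the resolved URL stays on the validated origin, so an
// endpoint string like "//evil.example/api/poll" cannot redirect the secret.
export function buildRequest(cfg: BridgeConfig, endpoint: string): { url: string; headers: Record<string, string> } {
  const target = new URL(endpoint, cfg.baseUrl);
  if (target.origin !== cfg.baseUrl.origin) {
    throw new ConfigError(`endpoint ${endpoint} resolves outside ${cfg.baseUrl.origin}`);
  }
  return {
    url: target.toString(),
    headers: { Authorization: `Bearer ${cfg.apiKey}`, Accept: "application/json" },
  };
}

// Never log the full key; keep only the prefix and a few characters.
export function redactKey(key: string): string {
  return key.length <= 7 ? "km_***" : `${key.slice(0, 7)}...***`;
}

// Stand-alone usage with a constructed environment (the /api/poll path is a placeholder).
const demoConfig = loadConfig({ KOMANDR_API_KEY: "km_abcdefghijklmnop" });
const demoRequest = buildRequest(demoConfig, "/api/poll");
console.log(demoRequest.url, redactKey(demoConfig.apiKey));
```

Wiring the real bridge through loadConfig and buildRequest means every lifecycle call shares one validated origin; pointing KOMANDR_URL at an unexpected host, or at plain http, fails before any request carries the key.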
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
- scripts/komandr-bridge.ts:26: Environment variable access combined with network send.
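The flagged pattern, reproduced as a small heuristic a reviewer can run over scripts/komandr-bridge.ts. This is an added example, not ClawHub's scanner: it records identifiers assigned from process.env and reports any fetch(), axios, http.request or https.request call whose argument text references one of them or reads process.env directly. findEnvToNetwork and its helpers are names chosen here, and SAMPLE_SOURCE is a constructed stand-in for the bridge script, not its actual contents.

```typescript
// Added example, not ClawHub's scanner: a line-oriented heuristic for the
// "environment variable access combined with network send" finding. Function
// names are chosen here and SAMPLE_SOURCE is a constructed stand-in for the
// bridge script.

export interface Finding {
  line: number;        // 1-based line on which the network call starts
  sink: string;        // which call pattern matched
  variables: string[]; // env var names that reach the call
}

// Reads of process.env, either dotted or bracketed.
const ENV_REF = /process\.env(?:\.([A-Za-z_]\w*)|\[["']([A-Za-z_]\w*)["']\])/g;
// Declarations that store such a read in a local identifier.
const ENV_ASSIGN = /\b(?:const|let|var)\s+([A-Za-z_$][\w$]*)\s*=\s*process\.env(?:\.([A-Za-z_]\w*)|\[["']([A-Za-z_]\w*)["']\])/g;
// Outbound call patterns treated as network sinks.
const SINKS = ["fetch(", "axios.", "http.request(", "https.request("];

function escapeRegExp(s: string): string {
  return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
}

// Pass 1: map each local identifier to the env var it was assigned from.
export function collectTainted(lines: string[]): Map<string, string> {
  const tainted = new Map<string, string>();
  for (const line of lines) {
    for (const m of line.matchAll(ENV_ASSIGN)) tainted.set(m[1], m[2] ?? m[3]);
  }
  return tainted;
}

// Text of the call beginning at (row, col): read until the parenthesis opened
// by the sink closes, spanning lines. Parentheses inside string literals are
// not special-cased; this is a review aid, not a parser.
export function callWindow(lines: string[], row: number, col: number): string {
  let depth = 0;
  let out = "";
  for (let r = row; r < lines.length; r++) {
    const text = r === row ? lines[r].slice(col) : lines[r];
    for (const ch of text) {
      out += ch;
      if (ch === "(") depth++;
      else if (ch === ")" && --depth === 0) return out;
    }
    out += "\n";
  }
  return out; // unbalanced input: fall back to the rest of the file
}

// Pass 2: for every sink, report env-derived identifiers or direct
// process.env reads inside the call's argument text.
export function findEnvToNetwork(source: string): Finding[] {
  const lines = source.split("\n");
  const tainted = collectTainted(lines);
  const findings: Finding[] = [];
  lines.forEach((line, row) => {
    for (const sink of SINKS) {
      const col = line.indexOf(sink);
      if (col < 0) continue;
      const window = callWindow(lines, row, col);
      const vars = new Set<string>();
      for (const [ident, env] of tainted) {
        if (new RegExp(`\\b${escapeRegExp(ident)}\\b`).test(window)) vars.add(env);
      }
      for (const m of window.matchAll(ENV_REF)) vars.add(m[1] ?? m[2]);
      if (vars.size > 0) findings.push({ line: row + 1, sink, variables: [...vars] });
    }
  });
  return findings;
}

// Constructed stand-in for the bridge: a key and base URL from the environment
// flow into fetch(); the health check and the logger should not be reported.
export const SAMPLE_SOURCE = [
  'const key = process.env.KOMANDR_API_KEY;',
  'const base = process.env.KOMANDR_URL ?? "https://komandr.vercel.app";',
  'async function poll() {',
  '  const res = await fetch(base + "/api/poll", {',
  '    headers: { Authorization: "Bearer " + key },',
  '  });',
  '  return res.json();',
  '}',
  'async function health() { return fetch("https://example.invalid/health"); }',
  'function log(msg: string) { console.log(process.env.HOME, msg); }',
].join("\n");

for (const f of findEnvToNetwork(SAMPLE_SOURCE)) {
  console.log(`line ${f.line}: ${f.sink} uses ${f.variables.join(", ")}`);
}
```

Run it with the bridge's source in place of SAMPLE_SOURCE to see which environment values reach which calls; for this skill the expected result is exactly one sink receiving the API key and the configured URL, and any additional hit is worth reading closely.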



