Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Way

v1.0.0

Shorthand for /whoareyou — show your verified wayID identity card

by Erasmus Hagen (@erasmus)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The described purpose (show a verified wayID card) matches the runtime steps (read a public key and call way.je APIs). However, the skill metadata declares no required config paths or credentials, while SKILL.md explicitly requires reading ~/.openclaw/identity/device.json: a clear mismatch between the metadata and the instructions.
Instruction Scope
Instructions limit actions to two HTTPS API calls to way.je and a single local file read. They explicitly forbid opening a browser and forbid inventing data. That scope is appropriate for the stated purpose, but the single local file contains both a publicKey and a privateKey; although the doc says only the publicKey is needed, reading a file that holds a privateKey increases risk if the agent mishandles the content (for example by echoing the whole file into its context, logs, or a request body).
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is written to disk by an installer. This is low-risk from an install mechanism perspective.
Credentials
The skill requests no environment variables or declared config paths, yet it requires reading a sensitive local file (~/.openclaw/identity/device.json) that contains a private key. The lack of declared config requirements is inconsistent, and the implicit need to access a file containing private material is disproportionate unless the agent strictly extracts only the publicKey and the implementation guarantees the privateKey is never read, logged, or exfiltrated.
Persistence & Privilege
The skill does not request persistent presence (the always flag is false), is user-invocable, and does not request system-wide changes. No elevation of privilege or persistent hooks are requested.
What to consider before installing
This skill is mostly coherent with its goal, but be cautious: SKILL.md requires reading ~/.openclaw/identity/device.json, a file that includes your Ed25519 privateKey, even though the document says only the publicKey is needed. An LLM agent that reads the whole file has the private key in its context from that point on, so any later logging, tool call, or API request can carry it out. Before installing or using the skill, ask the author to (1) update the metadata to declare the required config path, (2) change the file format or provide a helper that exposes only the publicKey (so the agent never reads the privateKey), or (3) confirm in code that the privateKey is never read, logged, or transmitted. Also verify the trustworthiness of the way.je endpoints (TLS, correct hostname), and only run this skill in environments where exposing the identity file for read access is acceptable. If you are not comfortable with any possibility of the privateKey being read or transmitted, do not install or invoke the skill.
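A helper of the kind recommendations (2) and (3) ask for, written here as an added example; it is not the Way skill's code and not part of OpenClaw or ClawHub. It returns only allow-listed public fields from device.json, writes a publicKey-only copy the skill can be pointed at instead of the original file, and checks agent output (log lines, outbound request bodies) for leaked private material. The flat JSON layout with publicKey and privateKey fields is taken from the scan report; the base64 encoding, the algorithm field, the extra sensitive field names, and the sample key values are assumptions constructed for the example.

```python
# Added example (not the Way skill's code, not OpenClaw's): hand an agent only
# the publicKey from device.json, and check that private material never
# appears in what the agent logs or sends.
# Assumptions: device.json is a flat JSON object with "publicKey" and
# "privateKey" fields (the scan report names only those two); the base64
# encoding, the "algorithm" field and the sample values are constructed here.
import base64
import json
import os
import tempfile
from pathlib import Path

# Fields an identity-card skill legitimately needs (allow-list, assumed).
ALLOWED_FIELDS = ("publicKey", "algorithm")
# Fields that must never leave the file; used only for the leak check, since
# the allow-list above already keeps them out of public_identity()'s output.
SENSITIVE_FIELDS = ("privateKey", "secretKey", "seed")

# Constructed sample identity, not a real key pair: Ed25519 public keys are
# 32 bytes; the 64-byte private value mimics a seed||public encoding.
SAMPLE_PUBLIC = base64.b64encode(bytes(range(32))).decode()
SAMPLE_PRIVATE = base64.b64encode(bytes(range(64))).decode()
SAMPLE_DEVICE_JSON = json.dumps(
    {"publicKey": SAMPLE_PUBLIC, "privateKey": SAMPLE_PRIVATE, "algorithm": "Ed25519"}
)


def public_identity(device_json: str) -> dict:
    """Parse device.json text and return only allow-listed public fields.

    The private key is dropped before anything is returned, so a caller (or
    an LLM agent given this function as a tool) never sees it.
    """
    doc = json.loads(device_json)
    pub = doc.get("publicKey")
    if not isinstance(pub, str) or not pub:
        raise ValueError("device.json has no usable publicKey")
    # Shape check: a 64-byte value here would mean the private key was
    # mislabeled as public, so refuse rather than pass it along.
    if len(base64.b64decode(pub, validate=True)) != 32:
        raise ValueError("publicKey is not a 32-byte Ed25519 public key")
    return {k: doc[k] for k in ALLOWED_FIELDS if k in doc}


def write_public_card(src: Path, dst: Path) -> Path:
    """Write a publicKey-only copy of device.json for the skill to read instead.

    dst is created with mode 0644 (world-readable is acceptable, it holds only
    public data); src should stay 0600 and never be handed to the agent.
    """
    card = public_identity(src.read_text())
    fd = os.open(dst, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o644)
    with os.fdopen(fd, "w") as f:
        json.dump(card, f)
    return dst


def contains_private_material(text: str, device_json: str) -> bool:
    """True if any sensitive value from device.json appears verbatim in text.

    Run this over the agent's transcript, log lines and outbound request
    bodies to confirm recommendation (3): the privateKey is never logged or
    transmitted.
    """
    doc = json.loads(device_json)
    secrets = [doc[k] for k in SENSITIVE_FIELDS if isinstance(doc.get(k), str)]
    return any(s and s in text for s in secrets)


def export_demo() -> str:
    """Round-trip the constructed sample through write_public_card; returns the file text."""
    with tempfile.TemporaryDirectory() as d:
        src = Path(d) / "device.json"
        src.write_text(SAMPLE_DEVICE_JSON)
        os.chmod(src, 0o600)
        out = write_public_card(src, Path(d) / "device.pub.json")
        return out.read_text()


if __name__ == "__main__":
    print(public_identity(SAMPLE_DEVICE_JSON))
    print(export_demo())
    # Constructed outbound request body that wrongly carries the whole file:
    print(contains_private_material("POST /card " + SAMPLE_DEVICE_JSON, SAMPLE_DEVICE_JSON))
```

With a helper like this in place, the skill's instructions can name the publicKey-only file (device.pub.json in the example) as the single file read, which also gives the author a concrete config path to declare in the metadata for recommendation (1). The leak check is only as good as its coverage: run it over everything the agent emits between the file read and the way.je calls, not just the final response.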


Latest version: vk973f2nhx8jy9teb7fq7pnzf7583dag9
