Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Monid

v0.0.1

How to use the Monid CLI to execute data scraping and collection tasks from social media platforms, e-commerce sites, and search engines. Use this skill when...

by Feiyou Guo (@feiyoug)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description match the instructions: the SKILL.md is a how-to for a Monid CLI that performs paid scraping across many platforms. Requiring CLI installation, OAuth, and local key material is consistent with that stated purpose. There is no unrelated credential or binary requested.
[!] Instruction Scope
The runtime instructions tell the agent to ALWAYS use this skill for any scraping-related user utterance (even if Monid wasn't requested) — this is overly prescriptive and expands agent scope. The SKILL.md also instructs running OAuth flows, starting a local callback server on port 8918, and storing workspace and key files in ~/.monid, which are functional for a CLI but are sensitive operations that should be explicitly consented to by the user.
[!] Install Mechanism
Although the package is instruction-only (no install spec), the recommended install command pipes a raw GitHub-hosted install.sh into bash (curl -fsSL https://raw.githubusercontent.com/FeiyouG/monid-client/main/install.sh | bash). Fetching and executing remote scripts by pipe is high-risk unless the user inspects the script; GitHub raw is a common host but the practice can install arbitrary code.
Credentials
The skill declares no required env vars or credentials, which matches the package metadata. However, the CLI flow includes OAuth sign-in (Google/GitHub/etc.), creates an Ed25519 keypair, encrypts and stores the private key locally, and auto-registers the public key with a remote backend—these are expected for a client that authenticates and signs requests but involve sensitive data and network registration that users should understand.
[!] Persistence & Privilege
The skill itself is not 'always:true' and does not request elevated platform privileges, but the instruction to 'ALWAYS use this skill when the user mentions scraping' effectively biases the agent to repeatedly recommend installing and using an external CLI that will persist files under ~/.monid and register keys with a backend. Combined with the curl|bash install instruction, this raises persistence and trust concerns.
What to consider before installing
This skill is internally consistent with a third‑party scraping CLI, but exercise caution before following its instructions. Do not run curl | bash on a URL you haven't inspected—download the install script first and review it. Be aware that authenticating will open a local callback server and register keys publicly with Monid's backend, and the CLI will write config/key files under ~/.monid. Ask whether you want the agent to automatically prefer this third‑party tool for all scraping tasks (the SKILL.md tells the agent to always use Monid). Verify the upstream repository (FeiyouG/monid-client) and its releases, confirm payment/cost implications, and ensure any scraping you perform complies with target sites' terms and laws. If you are uncomfortable, decline installation or restrict the agent from autonomously invoking this skill.
