Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Proof Engine
v1.0.1
Transforms every result [PRINCIPAL_NAME] achieves into deployable proof across all business domains. Captures P&L, agent performance, funnel revenue, testimo...
by Wesley Armando (@georges91560)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's code and SKILL.md align with the advertised purpose: it scans various business-related folders, builds a vault, dashboard, stories, and can produce deployable content. However the registry metadata at the top of the submission lists no required environment variables while the SKILL.md and README explicitly declare TELEGRAM_BOT_TOKEN and TELEGRAM_CHAT_ID — an internal inconsistency you should clarify with the publisher.
Instruction Scope
Runtime instructions and the included proof_manager.py instruct a full workspace scan for AUDIT.md and other artifacts across many directories (/workspace/proof, /workspace/brand, /workspace/CASHFLOW, /workspace/voice, /workspace/memory, /workspace/revenue, /workspace/content, /workspace/.learnings). This is coherent with a cross-domain 'proof' aggregator, but it gives the skill broad read access to potentially sensitive data (memory, revenue, other agents' logs). It also includes automated capture schedules and references to deploying proof into other pipelines (e.g., output to /workspace/voice/scripts/), which increases impact if misused.
Install Mechanism
No install spec is present (instruction-only with included source files). That limits disk modifications to the included code running at runtime; there are no external downloads or package installs in the manifest.
Credentials
The SKILL.md and README require TELEGRAM_BOT_TOKEN and TELEGRAM_CHAT_ID for notifications (and the code includes a notify_telegram function calling https://api.telegram.org). Yet the registry summary earlier declared 'Required env vars: none' — a mismatch. Aside from Telegram, the skill relies on a default PROOF_DIR and reads many workspace paths; that level of access is plausible for its function, but it also means the skill could read unrelated secrets stored elsewhere in the workspace. The Telegram credential request is proportionate to notifications, but you should confirm you are comfortable granting it network+messaging capability.
Persistence & Privilege
The skill is not always-enabled and does not advertise modifying other skills' configurations. It writes to its own workspace area (/workspace/proof/ and /workspace/.learnings) and creates audit/error logs. However, because it can be invoked autonomously (platform default) and scans the entire workspace, its autonomous invocation increases the blast radius — combine that with network access (Telegram) and broad read scope when deciding trust.
What to consider before installing
Things to check before installing:
- Confirm the registry-level metadata vs SKILL.md: the package claims no required env vars but both SKILL.md and README require TELEGRAM_BOT_TOKEN and TELEGRAM_CHAT_ID. Ask the publisher to clarify.
- Review the included proof_manager.py yourself (or have someone trusted do so). It performs wide workspace reads (including /workspace/memory and revenue folders) and will auto-capture data. Ensure there are no secrets or credentials in those locations you don't want exposed to the skill.
- If you need Telegram notifications, create a dedicated bot/chat and limited token (don’t reuse sensitive bot tokens) and test in an isolated sandbox workspace first.
- Because the skill can run autonomously and scans many directories, avoid installing it in a production environment containing sensitive keys or private data until you are confident of its behavior.
- If you proceed, set PROOF_DIR to an explicit, narrow path you control and verify resulting writes (vault, dashboard, stories). Monitor network calls during initial runs to confirm only the expected Telegram API endpoint is used.
- The skill source appears to implement the described functionality (not obviously malicious), but the combination of broad read scope + network notifications + metadata mismatch warrants caution.
Like a lobster shell, security has layers — review code before you run it.
#proof #socialproof #credibility #storytelling #dashboard #revenue #analytics #automation #testimonials #content #branding #funnels #opportunities #business2026 #ai #telegram #multichanel #growth #results #entrepreneur
Runtime requirements
💎 Clawdis
