Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

skill-base-cli

v1.0.0

The official Skill Base CLI client. Use the `skb` (Skill Base CLI) command to search, install, update, publish, and import-from-GitHub skills from Skill Base...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md describes an official CLI (skb) used to search, install, publish, and import skills, which matches the skill name and description. However, the runtime docs require Node.js >=18 and recommend npm/npx usage, yet registry metadata lists no required binaries. That mismatch is unexpected (the CLI legitimately needs Node.js).
Instruction Scope
Instructions are focused on CLI usage: search/install/update/publish, configuring SKB_BASE_URL, and the login flow. They tell the agent to run terminal commands and to read/write ~/.skill-base/config.json (local install records and stored PAT). There is no instruction to read unrelated system files or exfiltrate data, but publishing/importing will upload folder contents to the configured server — a sensitive operation the user must approve.
Install Mechanism
This is an instruction-only skill (no install spec). SKILL.md tells users to run `npm install -g skill-base-cli` or use `npx`. That's a reasonable deployment option for a Node CLI, but the lack of an install spec in the registry metadata is an omission. Also note: running `npm install -g` executes third-party code on the user's machine, which is normal for CLIs but carries usual npm risks.
Credentials
The README references an environment variable SKB_BASE_URL and the config path ~/.skill-base/config.json (which will store auth/PATs and install records). The registry metadata declares no required env vars or config paths — this is inconsistent. The skill will cause tokens/PATs to be created and stored locally when the user runs `skb login` and will send skill files to the configured server when publishing; these behaviors are expected for the CLI but are sensitive and should be clearly declared.
Persistence & Privilege
The skill does not request always:true and does not alter other skills. It will cause the CLI to create and update files under the user's home (~/.skill-base/) and may install skills into local or IDE directories. This is normal for a CLI but means the skill can persist data (config and tokens) on the host.
What to consider before installing
This SKILL.md looks like legitimate documentation for a CLI, but the registry metadata omits important runtime requirements. Before installing or following agent actions:
(1) Confirm you have Node.js >=18 and trust the npm package source.
(2) Be aware `skb login` creates and stores a PAT in ~/.skill-base/config.json — do not paste that PAT into chat.
(3) Verify SKB_BASE_URL points to a trusted Skill Base server before publishing — publishing will upload your skill folder to that server.
(4) Ask the publisher/maintainer to update the registry metadata to declare required binaries (Node.js), the SKB_BASE_URL env var, and the config path.
If you are uncomfortable with the CLI installing packages or storing tokens, do not proceed.


