Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
LastPass CLI Skill
v0.1.0 · Securely fetch credentials from LastPass vault via lpass CLI.
⭐ 2 · 1.7k · 2 current · 2 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan: OpenClaw
Verdict: Suspicious (high confidence)
Purpose & Capability
The skill's name/description match the included behavior: the tool runs the local lpass CLI to return a password, username, notes, or raw entry. However, the skill metadata lists no required binaries while the included script calls the 'lpass' executable — this omission is an incoherence that should be corrected.
Instruction Scope
SKILL.md and tools/lastpass.sh limit actions to invoking 'lpass show' for a specific named entry and field. The tool prints secrets to stdout (normal for CLIs), but SKILL.md gives no guidance on secure handling (nothing about avoiding logging, limiting exposure, or ensuring a valid session).
Install Mechanism
No install spec is present and the included shell script is small and straightforward. There is no network download or archive extraction in the skill itself, which keeps installation risk low.
Credentials
The skill requests no environment variables or credentials in metadata, yet it depends on the local 'lpass' binary and a LastPass session (which may be authenticated via local agent, cached session, or environment). The omission of 'lpass' from required binaries/primary credential is misleading; the skill inherently requires access to local vault credentials and could expose secrets if misused.
Persistence & Privilege
The skill is not always-enabled and uses the platform defaults for invocation. It does not request elevated or persistent system presence.
What to consider before installing
This skill will run your local lpass CLI to print vault fields to stdout. Before installing:
(1) Confirm you trust the skill source and inspect the small script (it simply runs 'lpass show').
(2) Ensure the agent environment actually has the 'lpass' binary and a valid LastPass session — the skill metadata should be updated to declare 'lpass' as a required binary.
(3) Be aware that any secret returned is printed to stdout and could be logged or exfiltrated by the agent; only allow use in trusted, minimal-privilege contexts and prefer user-invocation.
(4) Ask the maintainer to add explicit required-binaries metadata, guidance in SKILL.md about safe secret handling (avoid logs, prefer ephemeral usage), and input validation (sanitize entry names) before deploying widely.
latest: vk97akqdtvj16ahdva3ed086vps80dvp9
