Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Jsrt Claw
v0.1.0
Automate Windows system tasks by generating and running a single JavaScript file using Microsoft JsRT with COM objects and fallback support.
by Namhyeon, Go @gnh1201
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
The name and description (Windows automation via Microsoft JsRT/WSH) match the SKILL.md content: the doc explains using COM objects (FileSystemObject, WScript.Shell, WMI, XMLHTTP, Office automation) and how to instantiate them. No unrelated credentials, binaries, or installs are requested.
Instruction Scope
Instructions direct generation and execution of an arbitrary .js script that can read/write files, run shell commands, query WMI (including remote WMI access patterns), automate Office, and make HTTP requests. Those actions are expected for an automation skill, but they are high-privilege capabilities: the SKILL.md does not limit or constrain what the generated script may do and recommends fetching polyfills from a CDN, which adds network activity and an external dependency.
Install Mechanism
There is no install spec and no code files — instruction-only. This minimizes supply-chain/install risk because nothing is downloaded or written by the platform installer itself. The only network reference is an optional runtime polyfill fetch (cdnjs) described in the instructions.
Credentials
The skill declares no environment variables, credentials, or config paths. The runtime instructions mention accessing environment variables and possible remote machine names (WMI), but that is coherent with Windows automation; the skill does not request unrelated secrets or broad credential access.
Persistence & Privilege
The skill is not forced-always and does not request persistent or elevated platform privileges. Model invocation is enabled (default) but that's normal; there is no evidence the skill attempts to alter other skills or system-wide agent configuration.
Assessment
This skill is coherent for Windows automation but produces and runs arbitrary JScript with full access to filesystem, shell, WMI, Office COM objects, and HTTP — which can be used to modify/delete files, execute commands, or exfiltrate data. If you plan to use it: (1) only run it on systems you control or test VMs; (2) always review the generated .js before running; (3) restrict network access when possible (or audit outbound requests); (4) avoid running with elevated privileges unless absolutely necessary; and (5) prefer explicit, minimal scripts rather than allowing the skill to generate broad-purpose scripts autonomously. If you need the skill for limited tasks, add usage constraints in prompts so it generates minimal, auditable actions.
Like a lobster shell, security has layers — review code before you run it.
