ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Deterministic security fixes for infrastructure code via Gomboc.ai Community Edition

v0.2.0

Automatically scan and deterministically fix security issues in Terraform, CloudFormation, and IaC with merge-ready pull requests and CI/CD integration.

0· 65·0 current·0 all-time
byGomboc AI@gomboc-ai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims deterministic remediation for IaC and the included CLI and MCP instructions call a Gomboc GraphQL API with a bearer token — that capability aligns with the stated purpose. However, the registry header at the top of the submission says "Required env vars: none / Primary credential: none" while .clawhub.yml, SKILL.md, and the scripts require GOMBOC_PAT. This metadata mismatch is an incoherence that should be fixed.
Instruction Scope
SKILL.md instructs agents to run local CLI, start an MCP server (docker-compose), and wire GitHub Actions. The runtime scripts only operate on a user-specified path and call the external API; they do not attempt to read arbitrary system files. However, the remediate command and GitHub Actions examples describe auto-commit and push behavior (server-side apply/push or CI runs that call remediate with commit/push), which grants the skill the ability to modify repositories if given credentials — that is expected for a remediation tool but must be considered a privileged capability.
Install Mechanism
No installer downloads or external package installs are present; this is an instruction + script bundle relying on Python and optional Docker. No remote arbitrary code downloads or URL-shortened installs were found.
!
Credentials
The only sensitive credential used is a single bearer token (GOMBOC_PAT) which is appropriate for an API-based remediation service. But the package metadata in the top summary incorrectly lists no required env vars whereas .clawhub.yml and the SKILL.md require GOMBOC_PAT. That inconsistency can mislead users. Also, because the token may be used in CI (GitHub Actions) or MCP server contexts to perform commits/pushes, users should ensure the token has least privilege (e.g., limited repo scope) and is stored as a secret.
Persistence & Privilege
always:false (no forced presence). Model invocation is allowed (default), so agents can autonomously call this skill. Autonomy plus the ability to request remediation/commit operations increases blast radius if misused — a legitimate design choice for remediation tools but something to monitor (use branch protections, require PR reviews). The skill does not attempt to modify other skills or global agent config.
Scan Findings in Context
[NO_MATCHES] expected: Static pre-scan found no injection or regex hits. The package includes network calls to https://api.app.gomboc.ai/graphql which are expected for this remediation service; absence of matches doesn't imply safety — review of runtime behavior is still necessary.
What to consider before installing
This skill generally does what it says: it uses a Gomboc.ai bearer token (GOMBOC_PAT) to call an API that scans and can generate or apply fixes. Before installing: 1) Fix the metadata mismatch — the top-level registry info claiming "no env vars" is wrong; the skill requires GOMBOC_PAT. 2) Only provide a token with least privilege (create a token scoped narrowly to the repos you want to remediate; avoid a broad org-level deploy token). 3) Treat auto-remediation (remediate --commit/--push and CI steps) as high privilege: enable branch protection/required PR reviews or run in scan-only mode until you’ve audited fixes. 4) Verify the API endpoint and vendor: confirm https://api.app.gomboc.ai and the referenced GitHub repo/homepage exist and are maintained by trusted parties. 5) Run scripts/verify-setup.sh in an isolated environment to confirm behavior and that tokens are not printed. 6) If you allow autonomous agent invocation, monitor actions and restrict the skill’s runtime scope (e.g., limit agent permissions, require human approval for pushes). If you want, provide me the upstream repository URL or the Gomboc docs link so I can check whether the published claims (audit, 94% acceptance rate, security audit) are externally verifiable — that would raise confidence to high.

Like a lobster shell, security has layers — review code before you run it.

latestvk97693nmcqvfdks3671e2trr4d83kn6d

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments