Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
361SCAN security check your skill python scripts
v1.0.0
Scan and analyze installed skills. Use when user wants to (1) scan a specific skill directory to view its name, description, and details, or (2) scan all ins...
by Jay@goog
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name and description match the instructions: the skill is an instruction-only scanner that searches for SKILL.md files and extracts frontmatter. The required resources declared in the registry are minimal and consistent with this purpose.
Instruction Scope
Runtime instructions are limited to validating paths, recursively finding SKILL.md files, parsing YAML frontmatter, and displaying results — all consistent with a local skills scanner. However, the CLI usage allows scanning any filesystem path the user supplies, so misuse could expose arbitrary local files if pointed outside the skills directory. The SKILL.md does not specify safeguards, nor does it outline what metadata is collected beyond name/description.
Install Mechanism
There is no formal install spec in the registry, but the SKILL.md tells users to run `pip install skill-361`. That requires downloading and executing code from PyPI (or another pip index) outside of the registry's control. Because the package name is not declared in metadata and the source/maintainer is unknown, this is a risk: the installer could contain arbitrary code, which is higher risk than a pure instruction-only skill.
Credentials
No environment variables, credentials, or config paths are requested. The scanner only needs filesystem read access to the target directories. That access level is proportionate to the stated purpose, though the tool's ability to scan arbitrary paths should be considered when granting it filesystem access.
Persistence & Privilege
The skill does not request always: true, does not declare autonomous-only behavior, and does not request persistent privileges or modify other skills. No elevated persistence or cross-skill configuration changes are indicated.
What to consider before installing
This skill's behavior (reading SKILL.md files and extracting YAML frontmatter) is coherent with its description, but the SKILL.md tells you to run `pip install skill-361` even though the package is not declared in the registry metadata. Before installing or running it: (1) verify the pip package's source and maintainer on PyPI (or inspect the package contents) — don't install unknown packages into your main environment, (2) run the package in an isolated environment (virtualenv, container) if you must install it, (3) avoid scanning sensitive directories — the CLI accepts arbitrary paths and will read files it is pointed at, and (4) prefer tools with an explicit install spec or source repository you can audit. If you can, request the upstream package repository or source files for review; that would change this assessment to benign if the install is from a trusted, auditable source.
Like a lobster shell, security has layers — review code before you run it.
