Gws Modelarmor
v1.0.12
Google Model Armor: Filter user-generated content for safety.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name/description (Model Armor content filtering) align with its instructions to call 'gws modelarmor' and inspect schema; requiring a 'gws' binary is reasonable for a CLI wrapper.
Instruction Scope
SKILL.md explicitly instructs the agent to read '../gws-shared/SKILL.md' for auth/global flags and to run 'gws generate-skills' if missing. That directs agent access to a file outside the skill's own directory and to create files, which expands scope and requires trust in what that shared file contains.
Install Mechanism
No install spec or code is present (instruction-only), so nothing is written by the skill itself. The runtime depends solely on an existing 'gws' binary.
Credentials
The skill declares no required env vars or credentials, yet points to a shared SKILL.md for auth and global flags. This non-disclosure of how authentication is handled (env, config files, or other) reduces transparency and is disproportionate.
Persistence & Privilege
always:false and no code means no forced persistence, but the instructions encourage creating/reading a shared config file via 'gws generate-skills', which could modify agent files or create persistent auth artifacts — acceptable if trusted, but worth reviewing.
What to consider before installing
This skill is an instruction-only wrapper around a 'gws' CLI. Before installing, verify the source and trustworthiness of the 'gws' binary (who provides it, official repo, checksums). Open and inspect the referenced ../gws-shared/SKILL.md to see how authentication and global flags are handled — it may contain credentials or instructions that create/configure auth artifacts. Also inspect the helper SKILL.md files mentioned (sanitize-prompt, sanitize-response, create-template) to ensure they don't introduce unexpected behavior. If you cannot locate the origin/homepage of the 'gws' tool or the shared SKILL.md, treat this skill as untrusted because it can cause the agent to read or create configuration files and call an external CLI with network access.
Like a lobster shell, security has layers — review code before you run it.
Plugin bundle (nix)
Skill pack · CLI binary · Config
CLI help (from plugin)
gws modelarmor --help
Runtime requirements
Bins: gws
latest
modelarmor (v1)
PREREQUISITE: Read ../gws-shared/SKILL.md for auth, global flags, and security rules. If missing, run gws generate-skills to create it.
gws modelarmor <resource> <method> [flags]
Helper Commands
| Command | Description |
|---|---|
| +sanitize-prompt | Sanitize a user prompt through a Model Armor template |
| +sanitize-response | Sanitize a model response through a Model Armor template |
| +create-template | Create a new Model Armor template |
Discovering Commands
Before calling any API method, inspect it:
# Browse resources and methods
gws modelarmor --help
# Inspect a method's required params, types, and defaults
gws schema modelarmor.<resource>.<method>
Use gws schema output to build your --params and --json flags.
