Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Lighthouse
v1.0.2
Lighthouse integration. Manage Organizations. Use when the user wants to interact with Lighthouse data.
by Vlad Ursul @gora050
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description reference Lighthouse (the Google web-auditing tool) and link to its docs, but the SKILL.md lists actions like 'List Tickets', 'Create Project', 'List Messages' (project-management style) which do not match Lighthouse's domain. The doc also references Membrane connectors and proxying to a 'Lighthouse API'—it's unclear whether 'Lighthouse' here means Google Lighthouse, a different internal service named Lighthouse, or is simply mislabeled. This inconsistency could cause the agent to operate against the wrong service or expose unexpected data.
Instruction Scope
Instructions are narrowly scoped to installing the Membrane CLI, performing Membrane login, creating connections, listing actions, running actions, and proxying requests via Membrane. They do not instruct reading unrelated local files or environment variables. However, the documented ability to 'proxy requests' through Membrane means the skill can send arbitrary requests to endpoints available via the connection; verify which endpoints the connector exposes to avoid unintended data access/exfiltration.
Install Mechanism
This is an instruction-only skill with no automated install spec. It instructs users to run 'npm install -g @membranehq/cli' to install the Membrane CLI. Global npm installs are common but write to disk and affect the host environment; confirm the legitimacy of the npm package and install it in an environment you control if testing.
Credentials
The skill declares no required environment variables or credentials and explicitly advises letting Membrane handle credentials server-side. This is proportionate to the instructions, which rely on Membrane for auth rather than asking the user for API keys or secrets.
Persistence & Privilege
The skill is not set to always:true and is user-invocable; it does not request elevated persistent privileges. Autonomous model invocation is allowed by default but is not combined with other red flags here.
Scan Findings in Context
[no-regex-findings] expected: The static regex scanner had no code files to analyze; this is an instruction-only skill (SKILL.md) so absence of findings is expected but does not imply safety.
What to consider before installing
This skill's name and description suggest it integrates with Google Lighthouse, but the runtime instructions and action list look like a project/ticketing integration via Membrane. Before installing or using it:
1) Confirm with the publisher which 'Lighthouse' this targets (Google Lighthouse vs an internal ticketing system).
2) Verify the @membranehq/cli npm package source and install it only in a safe/test environment.
3) Review what endpoints the Membrane connector will expose or allow proxying to—avoid running actions that could access sensitive internal APIs until you're sure of the connector's scope.
4) If unclear, ask the skill author to correct the SKILL.md (it currently looks like a copy-paste or mislabeling) so you know what data the skill will access.
Like a lobster shell, security has layers — review code before you run it.
latestvk973wf4qvw7k7njjptj8kt2k11843yad
