Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Rock Rms

v1.0.2

Rock RMS integration. Manage data, records, and automate workflows. Use when the user wants to interact with Rock RMS data.

by Vlad Ursul @gora050
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
[!] Purpose & Capability
The skill's description and SKILL.md state that it requires a valid Membrane account and network access to interact with Rock RMS, but the package metadata declares no required credentials, env vars, or config paths. A networked integration that accesses third-party data would normally require some form of API token or auth configuration—its absence is inconsistent with the stated purpose.
[!] Instruction Scope
This is an instruction-only skill (SKILL.md is the runtime surface). The visible header explicitly requires a Membrane account, yet the instructions (as packaged) do not declare or expose how auth is provided. The SKILL.md is long and enumerates many Rock RMS resource types, which implies broad read/write capabilities; the instructions are therefore too vague about what data will be requested, what the agent will prompt the user for, and where data will be sent.
Install Mechanism
No install spec and no code files are included, so nothing is written to disk by the skill itself. That lowers installation risk compared to skills that download and execute archives.
[!] Credentials
The skill requires a Membrane account to operate but declares no env vars or primary credential. That mismatch makes it unclear whether the skill will request credentials interactively, expect the platform to inject secrets, or attempt to operate unauthenticated. The skill also describes access to many Rock RMS entities (people, financials, workflows), so any credential it uses would be sensitive and should be explicitly declared and scoped.
Persistence & Privilege
The skill does not request always:true and does not include installation scripts that modify system or agent-wide settings. Autonomous invocation is enabled by default (normal) — combined with the credential/clarity issues above, this is a reason for caution but not a policy-level red flag on its own.
What to consider before installing
Do not install this skill until the developer clarifies the authentication model and data flows. Specifically: ask which env vars or API tokens are required and why they aren't declared; confirm whether the skill will send Rock RMS data to getmembrane.com or other external endpoints and request exact endpoint URLs; request a full SKILL.md or the repository code so you can review any network calls or prompts the agent will make; prefer skills that declare minimal, scoped credentials (e.g., a single API token) and document what Rock RMS resources will be read or modified. If you manage sensitive personal or financial data in Rock RMS, treat this skill as untrusted until those questions are answered.

Like a lobster shell, security has layers — review code before you run it.

latestvk9720zyj7ap0c9cna9m6gjg8r9843hkk
