ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Usercentrics

v1.0.0

Usercentrics integration. Manage data, records, and automate workflows. Use when the user wants to interact with Usercentrics data.

0· 58·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The SKILL.md states the integration requires a valid Membrane account and network access, but the skill metadata declares no required environment variables or primary credential. The SKILL.md contains an extremely large, generic list of actions (payments, auctions, geolocation, email, etc.) many of which are unrelated to a consent-management (Usercentrics) integration — this broad capability list is disproportionate and unclear.
!
Instruction Scope
This is an instruction-only skill but the provided SKILL.md is vague and open-ended. It references needing a Membrane account but does not specify how to authenticate, which endpoints to call, what data is read or written, or the exact commands/requests the agent should perform. The phrasing grants broad discretion (no narrow workflow), which could allow the agent to collect or transmit data beyond what a Usercentrics integration would reasonably require.
Install Mechanism
No install spec and no code files (instruction-only). That minimizes risk from downloaded or executed artifacts — nothing will be written to disk by an installer as part of skill installation.
!
Credentials
SKILL.md explicitly says a 'valid Membrane account' is required, but the registry lists zero required env vars and no primary credential. There is no guidance for where credentials are stored or how auth is performed. The absence of declared credentials combined with an expectation of an external account is an incoherence that could lead the agent to request secrets interactively or use insecure methods.
Persistence & Privilege
The skill is not always-enabled and is user-invocable only; it does not request elevated/system-wide persistent privileges in the metadata. Autonomous invocation is allowed by default but is not itself a new privilege here.
What to consider before installing
Do not install or provide credentials yet. Ask the skill author to clarify: (1) exactly which APIs/endpoints it will call (Usercentrics vs. Membrane) and the required auth method; (2) which environment variables or secrets are needed and how they are stored (use a secure secret store, not chat); (3) why the SKILL.md lists many unrelated capabilities — ask for a concise, scoped workflow for common tasks (read consents, list users, generate report, etc.). Because it's instruction-only and the metadata doesn't declare credentials, the agent may prompt for credentials at runtime or act broadly — only proceed after the author supplies minimal, specific auth instructions and a clear narrow scope. If you must test, do so in an isolated/staging account and never paste production secrets into an interactive chat.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e130k7xhpf31v2c1zdew6nd84dh96

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments