Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Plutio
v1.0.1
Manage Plutio projects and tasks. Use when you need to create, update, close, or query tasks and projects in Plutio (task/project management platform). Suppo...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, high confidence
Purpose & Capability
The name/description, SKILL.md, references, and the included Python CLI all consistently implement a Plutio project/task management client — that aligns with the stated purpose. However, the registry metadata declares no required environment variables or primary credential while the code and docs clearly require a Plutio App Key (client id) and Secret (client secret) to operate. That metadata omission is an incoherence: the skill will not function without credentials yet does not declare them in the registry.
Instruction Scope
Runtime instructions and examples are narrowly scoped to Plutio API actions (list/create/update/close tasks, list people, etc.). The skill caches OAuth tokens locally (~1 hour) and the docs instruct how to configure credentials via environment variables, Bitwarden, or OpenClaw auto-configuration. Example workflows show optional integrations (e.g., sending Matrix notifications) and scheduling via Task Scheduler; those are user-driven and outside the core API client but are clearly documented. There is no instruction to read unrelated system files or exfiltrate data, but some examples show storing credentials in scheduled scripts or shell profiles which can be insecure if the user follows them blindly.
Install Mechanism
This is instruction-only plus a single Python script; there is no install spec that downloads remote code. The script expects Python3 and the requests library but does not attempt to install arbitrary third-party packages from unknown URLs. No high-risk download/extract steps are present.
Credentials
The skill needs sensitive credentials (Plutio App Key / Client Secret) to operate — the SKILL.md and setup docs explicitly show environment variables and CLI arguments for these secrets. Yet the skill metadata lists no required env vars or primary credential. Additionally, some documented configuration options (adding creds to shell profile, Windows scheduled task scripts) encourage storing secrets in plain text; the docs do recommend Bitwarden as most secure, but the presence of insecure examples increases risk if users follow them.
Persistence & Privilege
The skill does create a local token cache under ~/.config/plutio/token.json and restricts its permissions (chmod 600) in the code. The skill metadata sets always:false, and no cross-skill configuration modifications are present. There is no claim of persistent system-wide privileges beyond the token cache and normal file writes within the user's home directory.
What to consider before installing
This skill appears to be a real Plutio API client (code + docs match the stated purpose), but there is a clear metadata omission: the registry doesn't declare the required Plutio credentials even though the code and docs require them. Before installing:
- Treat the skill as requiring your Plutio App Key/Client Secret; only provide those to this skill if you trust the source/author. The package owner is unknown — verify the origin.
- Prefer the documented secure options (Bitwarden or OS credential manager) rather than adding credentials to shell profiles, scheduled-task scripts, or plain-text files.
- Inspect the included script (scripts/plutio-cli.py) yourself (it is present) or run it in a sandboxed environment first. The script caches tokens to ~/.config/plutio/token.json; ensure you are comfortable with that path and its permissions.
- Confirm network endpoints: the code uses api.plutio.com OAuth and API endpoints (expected). If you observe different remote endpoints in the code, do not proceed.
- Ensure Python3 and the requests library are available in the runtime; the script does not include dependency installation steps.
- If you need stronger assurance, request that the publisher update the registry metadata to declare the required env vars (PLUTIO_APP_KEY, PLUTIO_SECRET, PLUTIO_SUBDOMAIN) and provide provenance for the skill (homepage, owner identity), or run a code review/audit prior to granting credentials.
Version: latest · vk970bh431qmyzwznqt6kpq0ge5823n9t