ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Deploy Pilot

v0.1.2

Manages the full deploy cycle — build validation, GitHub push, Vercel deployment, and health checks

0· 915·4 current·5 all-time
byGuilherme Favaron@guifav
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md describes managing GitHub pushes, Vercel deployments, builds, tests, and health checks — and the steps and commands in the SKILL.md are consistent with that purpose. However, the provided registry summary at the top claims no required env vars/binaries while claw.json (included in the package) declares required binaries (node, npx, git, gh, curl, jq) and primaryEnv VERCEL_TOKEN. This metadata inconsistency is unexplained and reduces trust.
Instruction Scope
The runtime instructions are narrowly focused on build validation, pushing branches, invoking Vercel CLI (via npx vercel --token $VERCEL_TOKEN), health checks (curl), and rollback via Vercel. They direct the agent to run local commands (tsc, lint, tests, builds), inspect git state, and run network calls to the deployment and health endpoints — all within the expected scope for a deploy tool. The SKILL.md does not instruct exfiltration of unrelated files or arbitrary data collection.
Install Mechanism
This is an instruction-only skill (no install spec, no code files to execute). That lowers installer risk: nothing is downloaded or written by an installer. The included claw.json declares filesystem and network permissions (expected for a deploy skill).
!
Credentials
The skill uses Vercel CLI commands that require VERCEL_TOKEN (and the SKILL.md references $VERCEL_TOKEN). claw.json explicitly lists VERCEL_TOKEN as primaryEnv, which is proportionate. However, top-level registry metadata stated 'Required env vars: none' — a direct inconsistency. The SKILL.md also performs git pushes but does not declare or require GitHub credentials/gh/GH_TOKEN; it relies on whatever local git/gh credentials the environment provides. That implicit use of local repo credentials (and network/filesystem access) increases risk and should be made explicit. Users should ensure tokens/credentials are minimal-scoped.
Persistence & Privilege
always:false and user-invocable:true. The skill does not request permanent global inclusion. It declares filesystem and network permissions in claw.json (expected for a deploy skill) and does not attempt to modify other skills or global agent config. Autonomous invocation is allowed (default) but not an additional flagged privilege here.
What to consider before installing
This skill appears to do what it says (build, test, push to GitHub, deploy to Vercel), but there are a few red flags to consider before installing: - Metadata mismatch: the package includes claw.json that requires the VERCEL_TOKEN and various CLI binaries, but the registry summary says no env vars/binaries required. Treat claw.json and SKILL.md as authoritative and assume VERCEL_TOKEN is needed. - Tokens and credentials: the skill will invoke git push and Vercel CLI using your environment. Provide a Vercel token with the narrowest possible scope (a deploy-only token if available). Be aware it will use whatever Git/gh credentials are available on the agent to push to repositories — consider using a deploy-specific CI/service account or running the skill in a controlled environment. - Code push risk: the skill can modify your repository (merges, commits, pushes). Only run it with repos you trust and after reviewing the planned commit/merge. Require human approval for production pushes if possible. - Back up and test: run the full pre-deploy checklist locally or in a staging environment first. Verify database migration steps separately and ensure you have rollbacks and backups before deploying to production. - Verify provenance: the skill's 'source/homepage' in the registry metadata was incomplete, but claw.json points to a GitHub repo. If you plan to use it, inspect that upstream repository manually and confirm you trust the author. If you need higher assurance, ask the publisher for clarification on the metadata inconsistencies, request a minimal-scoped Vercel token pattern, and/or run the skill in a sandboxed agent with only the necessary credentials and network access.

Like a lobster shell, security has layers — review code before you run it.

latestvk9706f1ewmj4cmc3cdee7pmrjh83f9vn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments