Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Stack Scaffold
v0.1.2 · Scaffolds a full-stack project with Next.js App Router, Supabase, Firebase Auth, Vercel, and Cloudflare
⭐ 1 · 693 · 0 current · 0 all-time
by Guilherme Favaron (@guifav)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw · Suspicious · high confidence
Purpose & Capability
The SKILL.md describes a scaffolding tool, and its runtime instructions align with that purpose (creating files, running npx create-next-app, initializing git). However, claw.json requires numerous environment variables (including FIREBASE_PRIVATE_KEY and FIREBASE_CLIENT_EMAIL) that a scaffolder does not need in order to run; these are disproportionate and do not match the stated purpose. The required binaries (node, npx, git) are reasonable.
Instruction Scope
The SKILL.md mandates a Planning Protocol and explicitly forbids reading existing .env or credential files; it instructs only to run `ls` and `node -v` to verify the target directory and to create files and run npx commands. The file templates reference process.env.* placeholders (expected for scaffolding). There are no instructions to transmit secrets or inspect unrelated system files. Overall the runtime instructions are scoped to scaffolding, but they rely on templates that assume sensitive env vars exist at runtime.
Install Mechanism
This is an instruction-only skill with no install spec and no code files executed by the platform; that minimizes install-time risk. The skill will instruct the agent to run system tooling (npx, npm) which is expected for a scaffolder.
Credentials
claw.json declares many required env variables (NEXT_PUBLIC_SUPABASE_*, NEXT_PUBLIC_FIREBASE_*, FIREBASE_PRIVATE_KEY, FIREBASE_CLIENT_EMAIL, etc.). For scaffolding files, requesting runtime secrets (especially FIREBASE_PRIVATE_KEY) is unnecessary and excessive. The SKILL.md explicitly says it will not read .env files, creating a direct contradiction with the metadata that marks those env vars as required. This mismatch is the primary security concern.
Persistence & Privilege
The skill is user-invocable, not always-enabled, and does not request unusual persistence. Recommended skillDependencies and permissions in claw.json (filesystem, network) are expected for scaffolding and template fetching.
What to consider before installing
This skill mostly looks like a legitimate project scaffolder, but the package metadata (claw.json) asks for many sensitive environment variables, including the Firebase private key, which are not needed just to create files. Before installing or running it:
(1) Prefer not to supply secrets to the skill or agent; scaffold into an empty or new directory without exposing credentials.
(2) Verify the source: claw.json claims a GitHub homepage but the skill metadata says 'unknown'. Prefer skills from a known repository.
(3) Inspect the generated files, especially any server-side admin initialization such as the firebase-admin setup, to ensure private keys are not accidentally committed and that .gitignore covers env files.
(4) If you must use runtime credentials, create minimal test credentials and never provide production private keys to an agent.
(5) Ask the publisher why the metadata marks env vars as required despite SKILL.md saying it won't read .env files; this inconsistency should be resolved before trusting the skill.
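As an added example (not code from the ClawHub page or the Stack Scaffold skill), the Node script below performs the checks behind points (1), (3) and (5) on a scaffolded project: it classifies the env vars a skill's claw.json marks as required, flags any secret carrying the NEXT_PUBLIC_ prefix (Next.js inlines those values into the browser bundle), checks that .gitignore covers env files, and scans generated sources for PEM private-key literals. The claw.json field name `requiredEnv`, the minimal .gitignore matcher, and all sample inputs are assumptions or constructed for this example; the real claw.json schema is not shown on this page.

```javascript
// Added example: not code from the ClawHub page or the Stack Scaffold skill.
// Assumption: claw.json lists required env vars under a `requiredEnv` array;
// the real schema is not shown on the page. Sample inputs below are constructed.

const SECRET_NAME = /(PRIVATE_KEY|SECRET|TOKEN|PASSWORD|SERVICE_ACCOUNT)/i;
const PEM_PRIVATE_KEY = /-----BEGIN (?:RSA |EC )?PRIVATE KEY-----/;

// Classify the env vars a skill declares as required. Next.js inlines
// NEXT_PUBLIC_* values into the browser bundle, so a secret carrying that
// prefix is a leak, not just an over-broad request.
function classifyRequiredEnv(requiredEnv) {
  const result = { secrets: [], publicVars: [], leakedSecrets: [], other: [] };
  for (const name of requiredEnv) {
    const isPublic = name.startsWith('NEXT_PUBLIC_');
    const isSecret = SECRET_NAME.test(name);
    if (isPublic && isSecret) result.leakedSecrets.push(name);
    else if (isSecret) result.secrets.push(name);
    else if (isPublic) result.publicVars.push(name);
    else result.other.push(name);
  }
  return result;
}

// Minimal .gitignore matcher, enough for the flat patterns that protect env
// files (".env", ".env*", ".env*.local"). Negations and directory rules are
// deliberately out of scope.
function globToRegExp(pattern) {
  const escaped = pattern
    .replace(/[.+?^${}()|[\]\\]/g, '\\$&')
    .replace(/\*/g, '[^/]*');
  return new RegExp(`^${escaped}$`);
}

function unprotectedEnvFiles(gitignoreText, candidates = ['.env', '.env.local', '.env.production']) {
  const patterns = gitignoreText
    .split(/\r?\n/)
    .map((line) => line.trim())
    .filter((line) => line && !line.startsWith('#') && !line.startsWith('!'))
    .map(globToRegExp);
  return candidates.filter((file) => !patterns.some((re) => re.test(file)));
}

// A generated server-side admin initializer should read the key from
// process.env; PEM material as a string literal is what ends up committed.
function embedsPrivateKey(sourceText) {
  return PEM_PRIVATE_KEY.test(sourceText);
}

function auditScaffold({ requiredEnv, gitignore, sources }) {
  const findings = [];
  const env = classifyRequiredEnv(requiredEnv);
  for (const name of env.leakedSecrets) findings.push(`secret exposed to browser bundle: ${name}`);
  for (const name of env.secrets) findings.push(`secret required at scaffold time: ${name}`);
  for (const file of unprotectedEnvFiles(gitignore)) findings.push(`.gitignore does not cover ${file}`);
  for (const [path, text] of Object.entries(sources)) {
    if (embedsPrivateKey(text)) findings.push(`private key literal in ${path}`);
  }
  return findings;
}

// Constructed sample inputs (not taken from the skill).
const sampleRequiredEnv = [
  'NEXT_PUBLIC_SUPABASE_URL',
  'NEXT_PUBLIC_SUPABASE_ANON_KEY',
  'FIREBASE_CLIENT_EMAIL',
  'FIREBASE_PRIVATE_KEY',
  'NEXT_PUBLIC_FIREBASE_PRIVATE_KEY', // constructed misconfiguration
];
const sampleGitignore = 'node_modules\n.next\n.env*.local\n# plain .env is not covered\n';
const sampleSources = {
  'lib/firebase-admin.ts':
    "import { cert, initializeApp } from 'firebase-admin/app';\n" +
    'initializeApp({ credential: cert({ privateKey: process.env.FIREBASE_PRIVATE_KEY }) });',
  'lib/leaky.ts':
    "const key = '-----BEGIN PRIVATE KEY-----\\nMIIE...\\n-----END PRIVATE KEY-----';",
};

function runSampleAudit() {
  return auditScaffold({ requiredEnv: sampleRequiredEnv, gitignore: sampleGitignore, sources: sampleSources });
}

console.log(runSampleAudit().join('\n'));
```

Run it with `node audit.js`; to audit a real scaffold, read claw.json, .gitignore and the generated `lib/` files with `fs.readFileSync` and pass their contents in place of the constructed samples. FIREBASE_CLIENT_EMAIL lands in the `other` bucket on purpose: it is a service-account identifier rather than a secret, but it is still server-only and should never appear under a NEXT_PUBLIC_ name.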
latest: vk972eh2w4dgmvkw1tdg6b42zk983ey1y
