Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Boxed Curl
v1.0.0Run curl requests safely in a sandbox, supporting GET/POST/HTTP headers, with complete network isolation.
⭐ 0· 46·0 current·0 all-time
by@guyoung
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description (sandboxed curl) lines up with the instructions: the skill requires a WASM sandbox plugin and a WASM component to execute HTTP requests with restricted outbound hosts. The declared dependencies (openclaw-wasm-sandbox plugin) are appropriate for the stated purpose.
Instruction Scope
Instructions are focused on parsing curl-like args, deriving allowedOutboundHosts, downloading a WASM file if missing, and calling wasm-sandbox-run. They do not ask for unrelated environment variables or secrets. However, the runtime flow includes fetching a remote binary and running it, which expands the actual attack surface beyond the prose (the WASM contents are not provided for review).
Install Mechanism
This is instruction-only (no install spec), but it requires downloading an executable WASM file from a remote URL (raw.githubusercontent.com). While GitHub raw is a well-known host and the download is coherent with needing a WASM component, fetching and writing an external binary to disk and executing it (even inside a sandbox) is a higher-risk install pattern because the binary's contents are not auditable here and could change upstream.
Credentials
The skill declares no environment variables, credentials, or config paths. Example usage includes sending Authorization headers as request data (normal for an HTTP client), but the skill does not request secret storage or unrelated credentials in metadata.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide configs. Autonomous invocation remains possible (platform default) but is not combined with elevated persistence.
What to consider before installing
This skill appears to do what it says (run HTTP requests inside a WASM sandbox), but it requires downloading and executing a WASM binary from a GitHub raw URL at runtime — that binary is not included in the package and cannot be audited from the SKILL.md alone. Before installing or using this skill: 1) verify the upstream repo and author (confirm the GitHub repo owner and history); 2) request or require a pinned checksum (SHA256) for the WASM file so you can verify integrity before execution; 3) ensure the openclaw-wasm-sandbox plugin is up-to-date and that its sandboxing/network restrictions meet your security requirements; 4) avoid sending secrets or long-lived tokens via this skill unless you trust the WASM component and have pinned its checksum; and 5) if you need stronger assurance, ask the publisher to include the WASM component in the skill bundle (or provide its source and a reproducible build) so it can be inspected locally. Additional information that would raise confidence to high: a published SHA256 for the WASM file, a trusted upstream repo with history, or the WASM source + reproducible build instructions.Like a lobster shell, security has layers — review code before you run it.
latestvk973yrg4kmztktcz6hefn6x9zx83swtd
License
MIT-0
Free to use, modify, and redistribute. No attribution required.