Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
SuperClaw
v1.0.0 · 14 production-tested agent workflow skills for disciplined, high-quality AI coding and task execution. Covers TDD, debugging, code review, planning, brainsto...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw verdict: Benign (medium confidence)
Purpose & Capability
The skill bundle claims to provide 14 agent workflow skills and the repository includes SKILL.md files and supporting scripts that implement those behaviors (e.g., a local visual companion with a Node HTTP/WebSocket server, shell scripts to start/stop it, TypeScript examples, helper JS). That is coherent with the description. Minor inconsistency: metadata lists no required binaries, but several delivered scripts assume Node.js and a POSIX shell (bash). The absence of declared runtime requirements (node, bash) is an omission but not evidence of malicious intent.
Instruction Scope
The SKILL.md instructions explicitly tell the agent to examine project files, write spec files to docs/, commit to git, and (for visual work) run a local server and read/write files under a session directory (SCREEN_DIR). Those actions are within the expected scope for brainstorming/planning code-workflow skills, but they do grant filesystem and git access and instruct running a local webserver and reading a generated '.events' file. This is expected for the visual companion feature but worth noting because it involves local I/O and starting processes.
Install Mechanism
There is no platform install spec; this is instruction-plus-source. That is low risk in terms of automatic downloads. The package ships Node and shell scripts (server.cjs, start-server.sh, etc.) which will be executed by the agent if you follow the SKILL.md guidance — the files are present and readable but not automatically installed from an external URL. No suspicious downloads or third-party registries are in the manifest.
Credentials
The skill declares no required credentials or env vars, and I see no code that requires cloud API keys. Some scripts respect several environment variables (BRAINSTORM_DIR, BRAINSTORM_HOST, BRAINSTORM_URL_HOST, BRAINSTORM_OWNER_PID, BRAINSTORM_PORT) but these are operational knobs for the local server. There are no requests for unrelated secrets. Still, the skill's runtime expects access to the local filesystem and git credentials (to commit specs), which you should only grant in trusted contexts.
Persistence & Privilege
always:false and the skill does not demand permanent global presence. The included scripts create per-session directories (default /tmp or project/.superpowers/brainstorm/) and write files there (HTML screens, .events, .server-info). That behavior is consistent with a local visual companion and does not modify other skills or system-wide agent settings.
Assessment
This bundle appears to be what it says: workflow skills plus a browser-based 'visual companion' implemented with a local Node HTTP/WebSocket server. Before installing or running it, consider:
1) Runtime requirements: the package includes Node.js (server.cjs) and Bash scripts — ensure your environment provides node and a POSIX shell (these are not declared in the metadata).
2) Filesystem & git access: the SKILL.md explicitly instructs reading project files, writing specs to docs/, and committing; only run this in repos and directories you trust.
3) Local server exposure: the visual companion can be bound to 0.0.0.0 and served for remote/containerized setups — prefer binding to localhost unless you intentionally want external access, and inspect start-server.sh/server.cjs before running.
4) Review server.cjs and helper.js for any network endpoints or unexpected behavior (the provided code uses local WebSocket/HTTP only).
5) If you will run the visual companion, prefer using a project-specific .superpowers directory (and add it to .gitignore) to avoid leaving ephemeral files in your repo root.
If you want higher assurance, ask the author for declared runtime requirements (node version) and a signed release, or run the code in an isolated environment/VM first.
Flagged pattern
writing-skills/render-graphs.js:25
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
Like a lobster shell, security has layers — review code before you run it.
Version: latest (vk9761fk0jttqpcmxzp9s7k48tn83hkrj)
