Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Headless Bitwarden
v1.0.2
Extension for Bitwarden usage: adds an ephemeral HTTPS web unlock helper for rbw (TTL default 10m) so you can unlock remotely without pasting secrets into chat.
by Hans @hans00
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the implementation: scripts start a localhost HTTP helper, optionally open a Cloudflare tunnel, and temporarily override rbw pinentry to perform an unlock. Requested actions (edit rbw config, run rbw, start cloudflared) are expected for this feature.
Instruction Scope
SKILL.md limits the skill to starting/stopping an ephemeral unlock helper and documents the exact files touched. The runtime code only reads/writes the rbw config.json (to set/restore pinentry), creates a FIFO in /tmp, runs rbw unlock, and serves a token-gated form. It does not attempt to read unrelated files or exfiltrate stored secrets to external endpoints (aside from the optional tunnel provider which merely proxies TLS traffic).
Install Mechanism
Instruction-only with bundled scripts; no remote downloads or install hooks. Files are provided in the skill bundle, so nothing is fetched from arbitrary URLs during install.
Credentials
The skill requests no external credentials and uses only local configuration/environment (rbw binary, node, optional cloudflared). It does edit ~/.config/rbw/config.json and writes a FIFO in /tmp—both reasonable for implementing a temporary pinentry override and unlocking flow.
Persistence & Privilege
Skill is not always-enabled and does not modify OpenClaw or other skills. It runs ephemeral processes and auto-exits on TTL/success; no long‑lived privileges or persistent background services are installed.
Assessment
This skill appears to do exactly what it claims: run a short‑lived, token‑gated local unlock helper and optionally expose it via a Cloudflare tunnel. Before installing, verify you trust the skill source and inspect the included scripts (they modify ~/.config/rbw/config.json and create /tmp FIFOs). Only run the helper when needed, do not share the public URL, and prefer a private browser window for unlocking. If you don't want an external tunnel, ensure cloudflared is not present or disable START_TUNNEL. Finally, note residual risks the skill documents: the master password is briefly in process memory/child env and the tunnel provider is in the trust boundary.
scripts/rbw-remote-unlock/server.mjs:164
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
Like a lobster shell, security has layers — review code before you run it.
latest vk977cr06dqkbz7fegxjbc0brgd83x370
