Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

TheCorporation.ai Form and Operate

v1.0.0

How to use the `npx corp` CLI to manage corporate entities, governance, cap tables, finance, agents, and compliance for TheCorporation platform. Use this ski...

by Kyle Hanson (@hansonkd)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The SKILL.md describes a full CLI for corporate formation, governance, payroll, document generation and auto‑signing. That purpose reasonably requires a Node/npx runtime and an install of @thecorporation/cli (and apparently a Rust binary shipped by that package). However the skill metadata declares no required binaries and no install spec. The metadata and runtime instructions are inconsistent: a consumer would reasonably expect 'node'/'npx' to be listed as required and the package install to be declared.
! Instruction Scope
Instructions tell the agent to run 'npx corp setup', run servers (npx corp serve), store data under ~/.corp/data, and to 'activate' entities which auto‑signs formation documents. Those are legitimate for a corp management CLI, but they are high‑impact operations (legal document signing, payroll). The instructions do not require explicit confirmation workflows in the SKILL.md — e.g., the automated 'activate' auto‑sign behavior is scope‑creep for an assistant unless the user explicitly consents at time of action. The skill also references cloud magic‑link auth (external endpoints) and configuring api_url, which will transmit data to external services.
! Install Mechanism
The SKILL.md informs the agent to use an npm package (@thecorporation/cli) via npx — an install from the public npm registry. Installing arbitrary CLI packages via npx is a moderate‑risk action (remote published code/binaries may execute locally). The registry metadata omitted an install spec, but the instructions do include an install block — this discrepancy is notable. There are no checksums or pinned versions in the instructions; the skill asks implicitly to fetch code at runtime.
! Credentials
The skill metadata lists no required environment variables or credentials, yet the SKILL.md describes a cloud mode (magic link auth) and operations that commonly require credentials (payroll, document filing). The lack of declared credential requirements is disproportionate to the sensitive operations described. Additionally, the skill stores data locally (~/.corp/data) which may contain sensitive corporate and personal data; SKILL.md does not discuss encryption or access control.
Persistence & Privilege
The skill does not request always:true and is user‑invocable. It does instruct running a persistent local HTTP server (npx corp serve) and changing agent config (npx corp config set api_url ...), which are normal developer actions but have side effects (open local ports, change config). These behaviors are plausible for the stated purpose but warrant caution (run in an isolated environment if uncertain).
What to consider before installing
This skill instructs the agent to install and run a third‑party CLI (npx @thecorporation/cli) that can create legal entities, auto‑sign documents, manage payroll, and run a local server. Before installing or running anything:

1) Confirm the npm package identity and review its source code (the SKILL.md links to a GitHub repo); prefer pinned versions and checksums.
2) Ensure Node/npx are available — the skill metadata should have listed these; ask the publisher to declare required binaries and versions.
3) Don’t allow auto‑signing or payroll actions without explicit, per‑action user confirmation — these are legally and financially sensitive.
4) Prefer local/self‑hosted mode for testing, inspect ~/.corp/data for sensitive content, and consider running the CLI in an isolated VM or container.
5) If you plan to use cloud mode, verify the cloud service operator and magic‑link flow and avoid sending real credentials or personal data until you’ve validated the service.

If the publisher cannot explain the metadata/install discrepancies or provide a reproducible audit path (source repo, commit/tag, checksums), treat the skill as potentially unsafe.

Like a lobster shell, security has layers — review code before you run it.
