Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Fload

v0.1.0

Use when the user has Fload MCP tools available and asks about mobile app analytics, reviews, growth metrics, ad performance, anomalies, or app store optimiz...

by Hassan Bazzi (@hassanbazzi)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description match the declared tools: analytics, reviews, anomalies, ads, forecasts. The capabilities described (list_apps, get_metrics, approve_action, etc.) are coherent with a mobile analytics/management platform.
Instruction Scope (flagged)
SKILL.md and AGENTS.md instruct the agent to install and run an MCP server and to obtain a FLOAD_API_KEY from app.fload.app. Those runtime instructions go beyond the registry metadata, which declares no required environment variables and no install step. The instructions also expose action verbs (approve_action/reject_action) that imply the skill can act on the user's behalf in third-party systems; such write capability needs explicit credentialing and authorization, and none is declared in the registry manifest.
Install Mechanism (flagged)
Although the skill package itself has no install spec, AGENTS.md tells users to run an npx command to fetch @fload-ai/mcp. npx downloads the package from the npm registry at runtime, runs any install lifecycle scripts it declares, and then executes its entry point with the caller's privileges (moderate risk). The skill's registry entry provides no homepage or verified source against which to validate that package, so the user has no way to confirm they are executing reviewed code.
Credentials (flagged)
The registry declares no required environment variables, yet AGENTS.md and the instructions reference FLOAD_API_KEY and imply connectors to App Store Connect, Google Play, ad platforms, Stripe, RevenueCat, etc. Because the required credentials are not declared in the skill metadata, it is unclear which secrets the skill actually needs and how they will be used.
Persistence & Privilege
The skill is not marked always:true and does not request unusual platform privileges in the manifest. There is no indication it will modify other skills or force-install itself.
What to consider before installing
Before installing, note these inconsistencies and take precautions:
1. The skill metadata lists no install step or credentials, but the docs instruct you to run `npx @fload-ai/mcp` and create a FLOAD_API_KEY. Ask the publisher to reconcile the manifest with the docs.
2. Treat any npx/npm install as potentially risky. Before running @fload-ai/mcp, check its npm registry entry (publisher, repository link, version history, and any preinstall/postinstall scripts in its package.json) and read the source, or run it in an isolated sandbox.
3. Provide only a least-privilege API key (read-only if possible), rotate it after testing, and monitor activity logs.
4. Confirm which actions the skill will perform on your behalf (e.g., approving review replies) and make sure you consent to that capability.
5. If the vendor has no homepage or verifiable source, test in a controlled environment or ask for a signed package release you can audit.
These gaps make the skill suspicious but not clearly malicious; requesting clarifying information from the publisher would reduce risk.
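Items 1, 2 and 4 can be scripted. The following is an added example, not ClawHub's scanner and not any Fload code. The manifest keys `env`, `install` and `tools`, the regexes, the docs excerpt and the package.json are all assumptions constructed for illustration; in particular the package.json with a postinstall hook is a made-up sample, not the published @fload-ai/mcp manifest, which this example never fetches. It reconciles what the docs ask for against what the manifest declares, and pre-screens a package.json for the lifecycle scripts that npx would run before the package's own entry point.

```python
"""Reconcile a skill's docs against its registry manifest, and pre-screen an
npm package.json before letting npx execute the package. Manifest schema and
all sample data are assumptions for illustration, not ClawHub's or Fload's."""
import json
import re

# npx invocations in docs, e.g. `npx -y @scope/pkg`
NPX_RE = re.compile(r"\bnpx\s+(?:-y\s+|--yes\s+)?(@?[\w./-]+)")
# Secret-looking environment variables such as FLOAD_API_KEY
ENV_RE = re.compile(r"\b([A-Z][A-Z0-9_]*(?:_API_KEY|_TOKEN|_SECRET|_KEY))\b")
# Tool names whose verb implies writing into a third-party system
ACTION_RE = re.compile(
    r"\b((?:approve|reject|create|update|delete|send|publish)_[a-z_]+)\b")
# npm lifecycle hooks that execute arbitrary code at install / npx time
LIFECYCLE = ("preinstall", "install", "postinstall", "prepare", "prepublish")


def reconcile(manifest: dict, docs: str) -> dict:
    """Report what the docs require that the manifest never declares."""
    declared_env = set(manifest.get("env", []))                       # assumed key
    declared_pkgs = set(manifest.get("install", {}).get("npm", []))   # assumed key
    return {
        "undeclared_env": sorted(set(ENV_RE.findall(docs)) - declared_env),
        "undeclared_npx": sorted(set(NPX_RE.findall(docs)) - declared_pkgs),
        # Write-style tools the user must explicitly consent to (item 4)
        "action_tools": sorted(set(ACTION_RE.findall(docs))),
    }


def screen_package_json(pkg: dict) -> dict:
    """Flag lifecycle scripts and binaries: both run code you have not read."""
    scripts = pkg.get("scripts", {})
    bins = pkg.get("bin", {})
    bin_names = sorted(bins) if isinstance(bins, dict) else [pkg.get("name", "")]
    return {
        "lifecycle_scripts": {k: v for k, v in scripts.items() if k in LIFECYCLE},
        "bins": bin_names if bins else [],
        "has_repository": bool(pkg.get("repository")),
    }


# Constructed manifest: declares tools but no env vars and no install step,
# mirroring the inconsistency the scan describes. Not the real registry entry.
MANIFEST = {
    "name": "fload", "version": "0.1.0",
    "tools": ["list_apps", "get_metrics", "approve_action", "reject_action"],
}

# Constructed excerpt standing in for AGENTS.md; wording is illustrative.
DOCS = """\
Start the server with `npx -y @fload-ai/mcp`.
Create a FLOAD_API_KEY at app.fload.app and export it first.
Tools: list_apps, get_metrics, approve_action, reject_action.
"""

# Constructed package.json with a postinstall hook, to exercise the screen.
# It is NOT the published @fload-ai/mcp package, which is never fetched here.
PACKAGE_JSON = json.loads("""{
  "name": "@example/mcp-server", "version": "1.0.0",
  "bin": {"mcp-server": "dist/cli.js"},
  "scripts": {"build": "tsc", "postinstall": "node scripts/setup.js"}
}""")


def audit(manifest=MANIFEST, docs=DOCS, pkg=PACKAGE_JSON) -> dict:
    """Combine both checks; every non-empty entry is a question for the publisher."""
    report = reconcile(manifest, docs)
    report.update(screen_package_json(pkg))
    return report


if __name__ == "__main__":
    print(json.dumps(audit(), indent=2))
```

To run the screen against the real package without executing it, fetch the registry metadata with `npm view @fload-ai/mcp --json` (which returns the `scripts`, `bin` and `repository` fields without installing anything) and pass the parsed result to `screen_package_json`; an entry under `lifecycle_scripts` or a missing `repository` is exactly the signal item 2 asks you to look for before running npx.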
