Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
SkillNav
v2.0.0
Search 3,900+ MCP servers with install commands, get daily AI brief, and discover trending tools — in Chinese. Data from skillnav.dev editorial team.
⭐ 0· 109·0 current·0 all-time
by @huiw86
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
The name/description claim (search MCP servers, daily AI brief, trending tools in Chinese) is implemented by WebFetch calls to skillnav.dev API endpoints and formatting rules in SKILL.md. The only extra capability is an 'update' action that downloads a SKILL.md from GitHub to the skill's own path — this is coherent with an auto-update feature.
Instruction Scope
Runtime instructions only call WebFetch to https://skillnav.dev/api/skill/query and, for update, curl raw.githubusercontent.com to overwrite the local SKILL.md. The skill does not read unrelated files or request environment variables. Note: the update step writes to ~/.claude/skills/skillnav/SKILL.md which allows the skill's instructions to be replaced remotely if the repository changes.
Install Mechanism
There is no install spec (instruction-only), lowering disk-write risk. The self-update uses a raw GitHub URL (a well-known host) to download a single SKILL.md file — moderate risk because remote content can change behavior but the source is a standard GitHub raw URL (not a private server or URL shortener).
Credentials
The skill requests no environment variables, no credentials, and does not access system config paths beyond writing to its own skill file during update. This is proportional to its purpose.
Persistence & Privilege
always is false and the skill is user-invocable (normal). The only persistence-like action is the explicit 'update' command which overwrites its own SKILL.md in the user's ~/.claude/skills directory. Self-updating is expected for skills but increases attack surface if the upstream repo or raw URL is compromised.
Assessment
This skill appears to do what it says: it fetches data from skillnav.dev and formats it in Chinese. Two practical things to consider before installing or using it: (1) The /skillnav update command downloads a SKILL.md from raw.githubusercontent.com and writes it to ~/.claude/skills/skillnav/SKILL.md — only run update if you trust the upstream repository (review the SKILL.md on GitHub first). (2) Because the skill can replace its own instructions via that update, monitor or limit self-updates if you need a stricter security posture. Also note a minor metadata inconsistency (the registry listing showed no homepage while SKILL.md includes a GitHub homepage); you may want to confirm the official source URL on the registry or GitHub before trusting updates.
Like a lobster shell, security has layers — review code before you run it.
