Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

node-connection-doctor

v1.0.3

Diagnose and fix OpenClaw node connection issues with automated checks, error-specific solutions, CLI guidance, and optional one-click repairs.

0 · 77 · 0 current · 0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's code and docs are aligned with the stated purpose (diagnose and fix OpenClaw node connections). However, the package metadata and SKILL.md do not declare important runtime prerequisites: the scripts invoke the 'openclaw' CLI and require Node.js to run, yet 'required binaries' is empty and the manifest does not state 'openclaw' CLI as required. That mismatch is inconsistent and should be corrected before trusting the skill.
Instruction Scope
Runtime instructions and the scripts stay within troubleshooting scope (gateway status, device-pair config, ping/Tailscale checks, resetting tokens, restarting gateway). Two points to note: (1) the fix workflow prints newly-generated bootstrap tokens to stdout (scripts/fix.js logs 'Token:'), which is useful for a user but sensitive if logs are captured or forwarded; (2) scripts read local configuration files (./config/plugins/entries/device-pair.config.json) and execute shell commands — both are expected for this purpose but may expose secrets/config and should be run carefully.
Install Mechanism
There is no remote install script or third-party download; this is effectively an instruction + script bundle included in the package. That reduces supply-chain risk compared to remote downloads. No install spec is present, so nothing will be automatically fetched from arbitrary URLs.
Credentials
The skill requests no environment variables or external credentials, which is reasonable. It does, however, require Node.js and the 'openclaw' CLI in PATH without declaring them. It also reads local config files that may contain tokens. The code prints bootstrap tokens to stdout, which is reasonable for local pairing but sensitive, since the output could be captured by logs or monitoring. The SKILL.md/FAQ claim that the skill 'does not collect API keys or send configuration to external servers' is accurate for the included code, but the package also contains marketing/docs that refer to Slack/webhook integration (not implemented) and to possible automated publishing workflows that would require credentials; these are out-of-band and should not be conflated with runtime behavior.
Persistence & Privilege
The skill does not request 'always: true' and does not attempt to persist itself or modify other skills. Hook manifest lists permissions 'node:exec' (expected) and 'system:cron' (unused by the provided scripts) — the cron permission is unexpected and unnecessary for the included code and should be questioned. The fix mode can modify OpenClaw configuration and restart services (requires admin/root) which is appropriate for a repair tool but increases impact if misused or run unattended (auto_confirm=true).
Scan Findings in Context
[child_process_exec] expected: scripts/diagnose.js and scripts/fix.js use child_process.exec to run `openclaw` commands and system utilities (ping). Executing CLI commands is expected for a troubleshooting skill; still verify the exact commands before running.
[reads_local_config_path] expected: diagnose.js and utils.js reference ./config/plugins/entries/device-pair.config.json — reading local OpenClaw config is consistent with diagnosis, but these files can contain secrets (bootstrap tokens) so treat outputs carefully.
[prints_potential_secrets_to_stdout] expected: fix.js prints generated bootstrap tokens to stdout (`console.log('📋 Token:', stdout.trim())`). Showing the token to the operator is useful for pairing, but this exposes sensitive values to any log collection or automated screenshotting. Consider this a privacy risk in some environments.
[platform_ping_flag_inconsistency] unexpected: diagnose.js uses `ping -n 1` (Windows-style flag) which is not portable; the skill claims cross-platform support. This is a minor incoherence that may cause false negatives on non-Windows systems.
[hook_manifest_extra_permissions] unexpected: HOOK.md requests 'system:cron' in addition to 'node:exec'. The provided scripts do not create cron jobs, so the cron permission appears unnecessary and should be justified by the author.
What to consider before installing
Before installing or running this skill:
1. Verify your environment: ensure Node.js and the OpenClaw CLI are present and in PATH; the package does not declare these, but the scripts require them.
2. Back up your OpenClaw config directory before running fixes.
3. Use diagnose mode first; avoid auto_confirm/auto-run fix in production.
4. Be aware that the fix flow prints bootstrap tokens to stdout. If your system collects console output (logs, monitoring, screenshots), treat these outputs as sensitive and avoid exposing them.
5. Ask the author to correct the metadata (declare required binaries, clarify the unnecessary 'system:cron' permission) and to provide a dry-run option that shows the exact commands without executing them (diagnose partly does this).
6. If you need stronger assurance, run the scripts in a controlled sandbox or with limited logging, and review the source files locally before executing.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
scripts/diagnose.js:17 · Shell command execution detected (child_process).
scripts/fix.js:27 · Shell command execution detected (child_process).


latest · vk97cctvgf2jfk4b041sd6mk3zs83mcap
