Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
ClawHub Publishing Workflow
v1.0.0
Manages publishing, distribution, and versioning of OpenClaw skills via ClawHub registry with CLI authentication and batch sync support.
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The skill description (ClawHub publishing) matches the instructions, but the metadata lists no required binaries, env vars, or config paths while the SKILL.md repeatedly references a 'clawhub' CLI, ~/.openclaw workspace scripts (publish-to-clawhub.sh), environment variables (CLAWHUB_SITE, CLAWHUB_REGISTRY, CLAWHUB_WORKDIR), and a token path (~/.config/clawhub/token). Those are functional requirements that should have been declared. The absence of a homepage/source also makes it harder to verify the origin of the CLI and scripts.
Instruction Scope
Runtime instructions tell the agent (or a user) to run the clawhub CLI and local publishing scripts that package and upload entire skill directories (~/.openclaw/skills). That is coherent with a publishing workflow, but it means the operation will read and transmit local files. The doc asks publishers to avoid sensitive data but does not provide automated sanitization or explicit checks — leaving room for accidental exposure during batch sync/publish.
Install Mechanism
This is instruction-only with no install spec (lowest formal risk). However, the instructions assume the presence of an external 'clawhub' CLI and custom scripts in ~/.openclaw/workspace; because there is no declared install source (e.g., package repository or release URL), the provenance and integrity of those binaries/scripts are unknown and should be verified before use.
Credentials
The SKILL.md references environment variables and an authentication token file but the skill metadata lists no required env vars or primary credential. Requiring an authentication token and site URL is reasonable for a registry client, but not declaring them is an omission that reduces transparency. Also, publishing scripts that tar and upload directories can accidentally include secrets if not carefully validated, so the power to read and transmit local skill directories is non-trivial.
Persistence & Privilege
The skill does not request always:true or other elevated platform privileges. It describes writing .clawhub/origin.json and metadata files under the user's ~/.openclaw, which is expected for a publishing client and is scoped to the user's home area.
What to consider before installing
This skill's instructions are coherent for a publishing tool, but the metadata omits important declarations (required CLI, env vars, script locations, token file). Before installing or using it:
1) verify the origin of the 'clawhub' CLI and the publish-to-clawhub.sh script (get them from an official release or inspect the script contents),
2) confirm CLAWHUB_SITE/REGISTRY URLs are correct and trustworthy,
3) inspect the publish script to ensure it doesn't include unintended file globs (to avoid uploading secrets),
4) ensure ~/.config/clawhub/token is stored securely, and
5) ask the author/registry to add explicit install steps and required env vars to the skill metadata so the requirements are transparent.
If you can't validate the CLI/scripts, treat uploads (especially batch sync) as potentially risky.
Tags: latest, openclaw, publishing, registry
