ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Knowledge Capture

v1.0.0

Unified knowledge capture and retrieval for URLs, video/article/paper extracts, social posts, and agent research outputs. Use when saving anything worth re-f...

0· 1.5k·8 current·9 all-time
by@ianderrington
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (knowledge capture and retrieval) align with the instructions (commands to add/search/tidy knowledge entries). However the SKILL.md references an install command (clawhub install knowledge) and an on-disk script (~/.openclaw/skills/knowledge/scripts/know) even though the registry entry contains no install spec or code files. That gap is an incoherence to investigate.
Instruction Scope
Instructions stay within the stated domain: adding entries, searching, and maintaining a local knowledge directory. They explicitly write files under ~/.soulshare/agent/knowledge/ and read an optional config at ~/.config/know/config or env KNOWLEDGE_DIR, and recommend running tidy --fix periodically (which can move/remove files). Those file operations are expected for this purpose but are destructive by design (auto-fix/remove), so they should be reviewed before enabling automated runs.
!
Install Mechanism
The SKILL.md claims an installation step and a bundled script path, yet the skill package contains no install spec and no code files. Because there is no provided install mechanism or code, it's unclear where the 'know' binary comes from, what 'clawhub install knowledge' would fetch, or whether external downloads are required — this is an important inconsistency and a potential supply-chain risk if you try to follow the install instructions.
Credentials
No credentials or sensitive environment variables are requested. The only environment/config references are an optional KNOWLEDGE_DIR and a config file path, which are proportional to a local knowledge-management tool.
Persistence & Privilege
The skill does not request always-on privilege (always: false). It recommends running periodic maintenance (heartbeats/cron) which would allow automated modification/deletion of files; if enabled, that increases risk. The skill does not request access to other skills' configs or system-wide credentials.
What to consider before installing
This skill appears to document a local CLI for saving and maintaining notes, but the package contains only documentation and no executable or install spec. Before installing or enabling automation: 1) Confirm the origin — where does 'clawhub install knowledge' download from and is that source trustworthy (there's no homepage or source listed). 2) Verify the actual 'know' binary and inspect its code before running it, since the SKILL.md expects it to modify files under ~/.soulshare/agent/knowledge/ and run tidy --fix (which can remove or move files). 3) Back up your existing ~/.soulshare (and any target directories) before running auto-fix/cron tasks. 4) If you don't want automated modifications, avoid scheduling tidy --fix in heartbeats/cron and run maintenance manually after inspection. 5) Ask the publisher for the missing install manifest or source code; lack of code + install instructions is the main reason this is flagged as suspicious.

Like a lobster shell, security has layers — review code before you run it.

latestvk979rxpt6yqknvx447pdvbsbph81wvea

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments