ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

onionclaw

v2.1.13

Search the Tor dark web, fetch .onion hidden-service pages, rotate Tor identities, and run structured multi-step OSINT investigations. Use when the user asks...

0· 155·0 current·0 all-time
by@jacobjandon
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description align with required binaries (python3, pip3, tor) and Python libs (requests[socks], stem, BeautifulSoup). All requested capabilities (search, fetch, rotate Tor identity, OSINT pipeline) are coherent with these requirements.
!
Instruction Scope
SKILL.md instructs running pip installs, a setup.py 'interactive first‑run wizard' that updates .env and torrc, and restarting system Tor (systemctl / brew services). setup.py is expected to modify system config files (e.g., /etc/tor/torrc) and create DataDirectory paths. Those are legitimate for a Tor tool but grant the skill potential to change system configuration and require elevated privileges; the document does not publish or show the contents of setup.py, renew.py, or other scripts, so you must inspect them before running.
Install Mechanism
Instruction-only skill (no install spec). It tells you to pip3 install specific PyPI packages — expected for Python tooling. Risk: pip installs are global by default in the examples (no virtualenv recommendation) and could overwrite system packages; no downloads from arbitrary URLs were specified.
!
Credentials
Registry metadata declares no required env vars, but SKILL.md references a .env with an LLM key (optional) and a TOR_DATA_DIR used by renew.py; this mismatch is a minor inconsistency. The tool also asks you to enable ControlPort/ CookieAuthentication in torrc (required for circuit control) which is appropriate but increases capability to control Tor circuits. No unrelated third‑party credentials are requested.
Persistence & Privilege
always:false (good). The skill documents a daemon/--daemon-poll mode and recurring watch/alert jobs; those would create long‑running background activity if enabled. Autonomous invocation (disable-model-invocation:false) is the platform default and not by itself suspicious.
What to consider before installing
This skill is coherent with its stated Tor/OSINT purpose, but exercise caution before running anything it recommends. Specifically: (1) Inspect setup.py, renew.py, and any scripts referenced — they will modify tor configuration and may require root. (2) Run Python package installs inside a virtualenv or container to avoid polluting system Python. (3) Keep any LLM key or secrets out of the .env until you trust the code; the README mentions TOR_DATA_DIR and an LLM key but the registry metadata does not declare them. (4) If you want to try it, run it in an isolated VM/container and review the scripts that modify /etc/tor/torrc or create system services. (5) Consider legal and ethical implications of dark‑web scanning in your jurisdiction and organization.

Like a lobster shell, security has layers — review code before you run it.

latestvk9756xcj3qmx7jxngzxz2778jn832a21

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧅 Clawdis
OSmacOS · Linux
Binspython3, pip3, tor

Comments