Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Vault Client

v1.0.0

HashiCorp Vault client for OpenClaw agents. Read and write secrets from a Vault server without raw curl commands or hardcoded tokens. Use when reading API ke...


Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for jbushman/vault-client.

Install the skill "Vault Client" (jbushman/vault-client) from ClawHub.
Skill page: https://clawhub.ai/jbushman/vault-client
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install jbushman/vault-client

ClawHub CLI


npx clawhub@latest install vault-client

Security Scan

VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)

Purpose & Capability
The skill name/description match the included code: vault.js implements get/put/list/token-info/token-renew/check/setup and uses the Vault HTTP API. There are no unrelated network endpoints, unrelated required binaries, or extraneous credentials requested.
Instruction Scope
SKILL.md tells the agent to run the included node script for setup/check/get/put/etc. The script only communicates with the configured Vault address and reads/writes files under ~/.openclaw. The setup step also appends a startup block to AGENTS.md and writes ~/.openclaw/vault.json and ~/.openclaw/vault-cache.json — this is within the declared scope but is persistent filesystem modification the user should be aware of. The documentation contains examples (e.g., reading the Kubernetes service account token) that are examples only — they are not executed by the script unless the user follows them.
Install Mechanism
No install spec or external downloads. The code uses only Node.js stdlib and no npm packages. There is no remote code fetch or archive extraction in the provided files.
Credentials
The skill declares no required environment variables and does not attempt to read unrelated system credentials. However, it stores Vault credentials (token) and secrets in plaintext JSON files under ~/.openclaw and caches secret values in ~/.openclaw/vault-cache.json. That persistent storage of sensitive material is expected for a CLI but is sensitive and should be considered when granting permissions.
Persistence & Privilege
The script writes configuration and cache files under ~/.openclaw and appends to AGENTS.md during setup. It is not marked always:true and does not modify other skills' configuration. Persistent writes are limited to the user's home directory as described.
Assessment
This skill appears to be a legitimate Vault client and is coherent with its description, but it stores tokens and cached secret values unencrypted under ~/.openclaw (vault.json and vault-cache.json) and will append a startup block to AGENTS.md during setup. Before installing: (1) ensure you trust the skill source; (2) use least-privileged or short-lived Vault tokens (AppRole or limited policies), not a root/admin token; (3) restrict file permissions on ~/.openclaw (chmod 600) and consider not enabling caching if you don't want secrets on disk; (4) keep tls.verify=true unless you must disable it for internal use; and (5) if you want higher assurance, provide the complete vault.js file (the supplied snippet was truncated) or a source checksum so the implementation can be fully audited — absence of the file tail reduces confidence.

MIT-0

vault-client

Gives OpenClaw agents clean, cached access to HashiCorp Vault. No curl, no hardcoded tokens in transcripts.

Setup

Run once after installing:

node ~/.openclaw/workspace/skills/vault-client/scripts/vault.js setup

Prompts for address, token, and mount. Saves to ~/.openclaw/vault.json and appends a startup block to AGENTS.md.

Startup (every session)

node ~/.openclaw/workspace/skills/vault-client/scripts/vault.js check
  • Exit 0 = connected, token valid
  • Exit 1 = connected but token expires soon — warn user, run token-renew
  • Exit 2 = unreachable or invalid token — warn user, check config

Core commands

# Read all keys at a path
node vault.js get shopwalk/r2

# Read a single key (returns just the value — pipe-friendly)
node vault.js get shopwalk/database uri

# Write / update a secret (merges with existing keys)
node vault.js put shopwalk/r2 secret_access_key=newvalue

# List paths
node vault.js list shopwalk/

# Token management
node vault.js token-info
node vault.js token-renew

Config reference (~/.openclaw/vault.json)

{
  "address": "https://vault.example.com:8200",
  "mount": "secret",
  "auth": { "method": "token", "token": "hvs.xxx" },
  "cache_ttl_seconds": 300,
  "tls": { "verify": true }
}

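Set tls.verify: false only for an internal Vault with self-signed certs. With verification off the client does not authenticate the server, so the token and any secrets it reads or writes can be intercepted on the network path.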

Secrets are cached in ~/.openclaw/vault-cache.json for cache_ttl_seconds (default 5 min) to avoid repeated API calls.

Auth methods

Token auth is the default. For AppRole and Kubernetes auth, see references/auth-methods.md.

No dependencies

Uses Node.js stdlib only (https, fs, readline). No npm install required.
