Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Sysadmin Toolbox
v1.1.0Tool discovery and shell one-liner reference for sysadmin, DevOps, and security tasks. AUTO-CONSULT this skill when the user is: troubleshooting network issues, debugging processes, analyzing logs, working with SSL/TLS, managing DNS, testing HTTP endpoints, auditing security, working with containers, writing shell scripts, or asks 'what tool should I use for X'. Source: github.com/trimstray/the-book-of-secret-knowledge
⭐ 0· 5.4k·45 current·52 all-time
byJonathan Rhyne@jdrhyne
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description match the delivered files: curated references for CLI/web/security tools and shell one‑liners. The included refresh script and references align with the stated goal of keeping content current from the upstream GitHub repo.
Instruction Scope
SKILL.md instructs the agent to load local reference files for relevant queries and documents a manual/weekly refresh via scripts/refresh.sh. Loading and recommending commands (including offensive/security tooling) is expected for a sysadmin/pentest toolbox. The only runtime network action comes from the refresh script (git clone) which is invoked manually or by scheduler if the operator sets it up — the skill does not itself hide any additional file reads or exfiltration steps.
Install Mechanism
There is no install spec; the skill is instruction/content-only with a small helper script. The refresh script uses 'git clone' from a well-known GitHub repo, extracts README sections with awk, and writes them into the skill directory. That behavior is consistent with the stated purpose.
Credentials
The skill requests no environment variables, no credentials, and no special config paths. The refresh script writes into a skill directory (default under the user's home) — expected for content refresh and proportional to the skill's purpose.
Persistence & Privilege
The skill does not request always:true and is user-invocable with normal autonomous invocation allowed. It does not modify other skills or system-wide settings. The refresh script updates only the skill's own files.
Assessment
This skill is a straightforward, coherent reference bundle for sysadmins and security practitioners. Things to consider before enabling: 1) The content includes offensive/pentesting tools and commands — that is expected but could be misused; ensure you only run commands you understand and have authorization to use. 2) The refresh.sh script pulls updates from a public GitHub repo and overwrites the skill's reference files — if you plan to use automated refreshes, review or pin the upstream source to avoid unexpected updates. 3) The skill does not request secrets or credentials, but it can recommend commands that perform network or destructive actions; prefer to keep execution of suggested shell commands manual or sandboxed. If you want minimal risk, keep auto-refresh disabled and inspect any updates before running the refresh script.Like a lobster shell, security has layers — review code before you run it.
latestvk974sx3hhz1zg0aa42b282cdwn7zhjm7
License
MIT-0
Free to use, modify, and redistribute. No attribution required.