Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Trello Orchestrator Runner

v1.0.0

Run a Trello-backed closed-loop delivery workflow for OpenClaw multi-agent execution. Use when a user says to run tasks from Trello automatically, keep cards...

0· 165·0 current·0 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's stated purpose (Trello-backed workflow orchestration) matches the runtime instructions, which call Trello API endpoints and require a trello-workflow-map.json. However, the registry metadata lists no required environment variables or primary credential, despite SKILL.md explicitly requiring TRELLO_API_KEY and TRELLO_TOKEN. That metadata/instruction mismatch is incoherent and increases risk.
Instruction Scope
The SKILL.md stays within the scope of Trello orchestration: it describes required card fields, deterministic API calls (card create/move/comment/update), and an execution loop. It does not instruct reading unrelated system files or exfiltrating data beyond Trello and the local trello-workflow-map.json.
Install Mechanism
This is an instruction-only skill with no install steps and no code files, which is lower-risk from an installation/execution perspective.
Credentials
The SKILL.md requires TRELLO_API_KEY, TRELLO_TOKEN, and a workspace trello-workflow-map.json — those are appropriate for the task. The problem is the published registry metadata lists no required env vars/primary credential. A skill that will operate autonomously against your Trello should explicitly declare the credential requirements and expected token scopes; the absence of that declaration is a red flag.
Persistence & Privilege
always:false and default autonomy are set. The skill does not request permanent system presence or claim to modify other skills or system-wide configs. Autonomous invocation is allowed by default, which is expected for an orchestration skill but increases blast radius if credentials are mishandled.
What to consider before installing
Do not install or enable this skill until the provider corrects metadata and you verify provenance. Specifically: (1) require the registry entry to list TRELLO_API_KEY and TRELLO_TOKEN and clarify required token scopes; (2) ask for a source/homepage or code so you can audit how credentials are used; (3) confirm the skill will only call Trello endpoints listed in SKILL.md and will not send data to other endpoints; (4) store tokens with least privilege and consider using short-lived/limited-scope tokens; (5) review the trello-workflow-map.json you plan to provide to ensure it contains no sensitive data; (6) if you must test, run in a sandbox Trello account/board with non-critical tokens. The primary issue is metadata/instruction inconsistency and missing provenance — this could be an oversight or indicate a poorly maintained or malicious package, so proceed cautiously.


latest: vk973tfk3kpmsn29aqtx8f1snw982twtf

