Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (high confidence)
Purpose & Capability
The implemented index.ts provides in-memory review storage, automated checks, manual review commands, batch operations, stats, and listens for generation.completed — which aligns with an ad review/quality workflow. However, SKILL.md and comments reference different action names and event names (e.g., SKILL.md shows api.executeAction('review-quality.auto-review') and events like 'review-quality.auto-reviewed'), whereas the code registers a top-level command named 'review' with subcommands (check/submit/...) and emits 'review.completed' / 'review.rejected'. This mismatch is an incoherence between docs and implementation.
Instruction Scope
SKILL.md instructs use of executeAction('review-quality.*') and documents certain event names, but the runtime code exposes command-based API and different event names. Aside from the naming mismatch, the instructions and code do not attempt to read files, environment variables, or contact external endpoints — no suspicious data-collection or exfiltration behavior is present.
Install Mechanism
No install spec is provided (instruction-only skill); package.json lists only devDependencies (TypeScript, @types/node). There are no downloads, external installers, or extracted archives — low install risk.
Credentials
The skill declares no required environment variables or credentials. The code briefly references api.user?.id (platform-provided user identity) but does not request or read secrets, tokens, or config paths — access appears proportionate for its function.
Persistence & Privilege
always is false and disable-model-invocation is false (normal). The skill keeps data in an in-memory Map (no persistent storage), registers its own commands/events, and listens for generation.completed. It does not modify other skills or system-wide settings.
What to consider before installing
This skill's implementation appears harmless (no network calls or secret access) but the SKILL.md documentation and the actual code disagree about action names and event names. Before installing or using it:
1) Verify which API your agent expects (executeAction('review-quality.*') vs. registerCommand('review' subcommands)) and update either the code or docs so they match.
2) Confirm the event names your system listens for — the code emits 'review.completed'/'review.rejected' while the documentation lists different event names.
3) Note that reviews are stored only in memory (Map) — they will be lost on restart; if persistent storage is needed, request that change.
4) Test the skill in a development environment and inspect emitted events to ensure they won't be accidentally handled by unrelated listeners.
These inconsistencies look like sloppy documentation or bundling rather than malicious behavior, but they can cause silent failures, so fix/verify before production use.
latest · vk973j5erpbj4w25btxwk6yew7s836fmq
Runtime requirements
✅ Clawdis
