ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

BRICKS CLI

v0.1.4

Manage BRICKS workspace devices, groups, apps, modules, media, and projects via CLI for control, monitoring, updates, and deployments.

0· 691·0 current·0 all-time
byJhen-Jie Hong@jhen0409
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (BRICKS CLI for device/app/module/media/project management) aligns with the runtime instructions. The skill explicitly covers both cloud API operations and local LAN/device interactions (discovery, MCP/CDP bridging, and ACP desktop bridging), which is broader than a simple cloud-only CLI but coherent for a device-management tool.
!
Instruction Scope
SKILL.md instructs the user to scan the LAN for devices, bind devices, bridge to devices via MCP, and to enable and use ACP (Agent Client Protocol) which can run arbitrary bash commands in a project directory. It also documents and normalizes use of acpx --approve-all and writing persistent config (~/.acpx/config.json). Those steps grant local file access and headless command execution that go beyond mere CLI management and can lead to data exposure or arbitrary command execution if misused.
Install Mechanism
There is no packaged install spec in the skill bundle, but SKILL.md instructs installing @fugood/bricks-cli and acpx globally from npmjs.com. Installing global npm packages is expected for a CLI but introduces moderate supply-chain risk (packages published under an unknown owner; skill metadata lacks homepage). No direct downloads or obscure URLs are used in the instructions.
Credentials
The registry metadata declares no required env vars or credentials. Runtime instructions do rely on user-provided passcodes and on saved bricks auth profiles, and they recommend writing ~/.acpx/config.json which grants persistent agent invocation capability. While not requesting unrelated cloud creds, the instructions create persistent local state that could be abused.
!
Persistence & Privilege
The skill itself is not always-enabled and does not request system-wide privileges, but its recommended workflow includes creating persistent acpx config and enabling ACP in the BRICKS Desktop app, both of which create lasting local access paths (shared sessions, auto-run commands via --approve-all). Those persistence mechanisms increase the blast radius if the installed CLI or acpx agent is compromised or invoked by untrusted processes.
What to consider before installing
This skill appears to be what it claims (a BRICKS CLI) but contains several risky operational steps. Before installing or following the rules: - Verify the npm packages (@fugood/bricks-cli and acpx): check the publisher, star history, source repository, and inspect the package code if possible. No homepage is provided in the skill metadata — that increases risk. - Avoid using acpx --approve-all or any auto-approve flag. Auto-approve allows headless execution of arbitrary bash commands in your project directory. - Do not persistently write ~/.acpx/config.json on shared machines unless you understand and accept the risk; persistent config lets any process using acpx start sessions that access your project files. - Keep ACP disabled in BRICKS Project Desktop except when actively bridging; remove persistent config when done. Rotate passcodes/tokens used for device access. - Run installs and initial tests in an isolated environment (VM/container) or on a non-production machine before trusting them on your workstation or network. - Restrict LAN scans to trusted networks and confirm device workspace IDs to avoid interacting with devices from other workspaces. If you need stronger assurance, request the upstream package source or a link to the project's repo and review its code, or prefer a CLI distributed from a known, verifiable homepage or GitHub org.

Like a lobster shell, security has layers — review code before you run it.

latestvk9724jjnkr6wchk2t068vcarz5833bh3

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments