Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
find-skills-gitcode
v1.0.1
Helps users discover and install agent skills when they ask questions like "how do I do X", "find a skill for X", "is there a skill that can...", or express...
⭐ 1· 71·0 current·0 all-time
by JHercules_qz (@jherculesqz)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Verdict: Suspicious (medium confidence)
Purpose & Capability
The name and description ('find-skills') align with the SKILL.md: it is a discovery and install helper for skills. The guidance on searching, vetting, and presenting skills is coherent with the stated purpose.
Instruction Scope
The instructions explicitly tell the agent/user to run 'npx skills-gitcode find' and 'npx skills-gitcode add <package>', and to install with 'npx skills-gitcode add <owner/repo@skill> -g -y'. Those commands download and execute remote code at runtime, and the recommended '-g -y' suppresses confirmation prompts. The SKILL.md does not require or instruct signature or provenance checks of packages beyond heuristic checks (installs, stars), nor does it require explicit user confirmation before performing installs, which increases the risk of executing untrusted code.
Install Mechanism
There is no declared install spec for this skill itself (instruction-only), but the runtime guidance relies on 'npx', which dynamically fetches and runs packages from the npm registry (or other sources). Dynamic downloads via npx are inherently higher-risk because they execute remote code. The document's explicit recommendation to use global installs and skip confirmations ('-g -y') raises the risk further.
Credentials
The skill declares no required environment variables, binaries, or config paths, and the SKILL.md does not request secrets or access to unrelated credentials. No disproportionate credential access is requested.
Persistence & Privilege
Skill flags are normal: always=false and disable-model-invocation=false (agent may invoke autonomously as usual). The SKILL.md recommends installing other skills globally (which would persist on the host), but the skill itself does not request persistent privileges or modify other skills' configurations.
What to consider before installing
This skill is coherent with its purpose (finding and installing other skills), but it tells you to run npx commands that download and execute remote code, and it even recommends using '-g -y' to skip prompts. Before installing anything discovered by this skill:
1) review the package/repo source manually (README, author, commits);
2) avoid globally installing unknown packages or using '-y' without understanding what will be run;
3) prefer installing in a confined environment or container;
4) verify package versions and prefer well-known publishers;
5) ask the agent to show the exact install command and the repository link and get your explicit approval before running it.
If you want a safer mode, require the agent to only produce recommendations and never run 'npx' or install without explicit, per-install confirmation.
Like a lobster shell, security has layers — review code before you run it.
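One way to enforce points 2 and 5 above mechanically is a small gate that an operator or agent harness runs over the proposed install command before anything executes. The POSIX shell function below is an added example written for this page; it is not code from ClawHub, OpenClaw or skills-gitcode. The allowed shape 'npx skills-gitcode add <owner/repo@skill>' and the '-g' / '-y' flags are taken from the scan text; the long forms '--yes' / '--global', the 'skills-gitcode@<version>' pin check, the sample spec 'acme/tools@deploy' and all messages are this example's own assumptions, not documented skills-gitcode behaviour.

```shell
#!/bin/sh
# Pre-install gate for agent-proposed skill install commands.
# Added example; not code from ClawHub, OpenClaw or skills-gitcode.
# Command shape and the '-g' / '-y' flags come from the scan above; the long
# flag forms, the version-pin check and the messages are assumptions.

# vet_install_cmd "<proposed command>"
# Prints findings one per line. Returns 0 if the command may be shown to the
# user for explicit per-install approval, 1 if it must be rejected outright.
vet_install_cmd() {
  proposed=$1
  rc=0
  spec=""
  # shellcheck disable=SC2086
  set -- $proposed      # deliberate word-splitting of the proposed command

  # Only the documented tool and subcommand pass; anything else (curl | sh,
  # a different package) is rejected before any flag parsing.
  case "$1" in
    npx) ;;
    *) echo "REJECT: not an npx invocation: '$1'"; return 1 ;;
  esac
  cli=$2
  case "$cli" in
    skills-gitcode@*) ;;   # version pinned, e.g. skills-gitcode@1.0.1 (assumed syntax)
    skills-gitcode) echo "WARN: CLI version unpinned; prefer skills-gitcode@<version>" ;;
    *) echo "REJECT: unexpected package: '$cli'"; return 1 ;;
  esac
  [ "$3" = "add" ] || { echo "REJECT: only 'add' is gated here, got '$3'"; return 1; }
  shift 3

  # Remaining words must be exactly one owner/repo@skill spec and nothing that
  # skips the confirmation prompt or installs globally.
  for arg in "$@"; do
    case "$arg" in
      -y|--yes)    echo "REJECT: '$arg' suppresses the confirmation prompt"; rc=1 ;;
      -g|--global) echo "REJECT: '$arg' installs globally and persists on the host"; rc=1 ;;
      -*)          echo "REJECT: unknown flag '$arg'"; rc=1 ;;
      */*@*)
        if [ -n "$spec" ]; then
          echo "REJECT: more than one skill spec ('$spec', '$arg')"; rc=1
        else
          spec=$arg
        fi ;;
      *)           echo "REJECT: '$arg' is not of the form owner/repo@skill"; rc=1 ;;
    esac
  done
  [ -n "$spec" ] || { echo "REJECT: no owner/repo@skill spec given"; return 1; }

  if [ "$rc" -eq 0 ]; then
    repo=${spec%@*}
    echo "OK: review repository '$repo' (README, author, commits) first, then approve:"
    echo "    npx $cli add $spec"
  fi
  return "$rc"
}

# Demonstration on constructed inputs: the exact shape the skill recommends,
# then the same install with the risky flags removed and the CLI pinned.
vet_install_cmd "npx skills-gitcode add acme/tools@deploy -g -y" || echo "=> rejected (exit $?)"
vet_install_cmd "npx skills-gitcode@1.0.1 add acme/tools@deploy" && echo "=> acceptable, pending user approval"
```

The gate never runs the command itself: on success it echoes the cleaned invocation and the repository to review, leaving the actual execution to a human after approval, which is the per-install confirmation the scan recommends.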
latest: vk9784c1vpbst2zpv1b4938swan83h4t8
