Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Clawdhub Copy

v1.0.0

Use the ClawdHub CLI to search, install, update, and publish agent skills from clawdhub.com. Use when you need to fetch new skills on the fly, sync installed skills to latest or a specific version, or publish new/updated skill folders with the npm-installed clawdhub CLI.

0· 1.8k·4 current·4 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description match the instructions: the SKILL.md documents installing and using an npm-installed 'clawdhub' CLI to search, install, update, list, and publish skills. Declared binaries and the suggested npm install are proportionate to that purpose.
! Instruction Scope
Instructions include 'clawdhub install' (downloads and places remote skill code into a workdir) and 'clawdhub publish ./my-skill' (uploads local skill folders). Those operations can cause code execution (installing new skills) or data exfiltration (publishing local files). SKILL.md also notes defaults (cwd, ./skills) which could cause the agent to operate on the current workspace without explicit user confirmation. There is no guidance about verifying downloaded skill provenance or signing.
Install Mechanism
No install spec in the skill bundle (instruction-only), but SKILL.md recommends 'npm i -g clawdhub' (standard npm registry mechanism). Using npm is typical and traceable, but global npm installs affect the host environment and pull arbitrary package code from the registry.
Credentials
The skill does not require extra environment variables or credentials in the manifest. SKILL.md mentions optional overrides (CLAWDHUB_REGISTRY, CLAWDHUB_WORKDIR) and uses interactive 'clawdhub login' for publishing; the requested privileges are consistent with a package manager CLI. No unrelated credentials are requested.
! Persistence & Privilege
always is false, but autonomous invocation is allowed (default). Because the skill enables the agent to fetch and install arbitrary third-party skills at runtime, its use can expand the agent's capabilities and attack surface. Publishing also lets the agent send local folders to an external registry. Those powers increase blast radius if the agent is allowed to act without explicit human confirmation.
What to consider before installing
This instruction-only skill is internally consistent for managing a ClawdHub CLI, but it enables the agent to download and install third‑party skills and to upload local skill folders to an external registry. Before installing or giving the agent permission to use it:
1) Verify the ClawdHub CLI package and registry (is https://clawdhub.com legitimate and trusted?).
2) Avoid global installs as an elevated user; prefer sandboxed environments.
3) Require explicit user confirmation before any 'install', 'update', or 'publish' operation — these actions can execute code or exfiltrate files.
4) Review downloaded skill code before enabling it and restrict agent autonomy if you do not want it installing packages without human approval.

Like a lobster shell, security has layers — review code before you run it.

latestvk974a1wvasfyrz51s5ct17xfmx8055mh

Runtime requirements

Bins: clawdhub

Install

Install ClawdHub CLI (npm)
Bins: clawdhub
npm i -g clawdhub
