Clawdhub Copy

Pass

Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: clawdhub-copy
Version: 1.0.0

The skill's primary function is to install the `clawdhub` CLI via `npm i -g clawdhub` as instructed in `SKILL.md`'s metadata. This command downloads and executes code from the npm registry. The `clawdhub` CLI then manages other skills by fetching them from `clawdhub.com`. While the skill itself does not exhibit explicit malicious intent, its core functionality involves broad remote code execution capabilities and creates a significant supply chain risk, as a compromise of the `clawdhub` npm package or the `clawdhub.com` registry could lead to the installation and execution of malicious code.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An agent using this skill could change many installed skills at once, potentially altering future agent behavior without the user reviewing each change.

Why it was flagged

This is a bulk update command that explicitly suppresses prompts and forces changes to installed skills; the artifacts do not add approval or review requirements before using it.

Skill content
```bash
clawdhub update --all --no-input --force
```
Recommendation

Require explicit user confirmation before install, update, update-all, force, no-input, or publish operations; prefer pinned versions and avoid --force/--no-input unless the user specifically requests them.

What this means

A compromised, mistaken, or unexpected registry package/update could be pulled into the agent's skill environment and affect later tasks.

Why it was flagged

The skill installs and updates agent skills from an external registry and defaults updates to the latest version unless pinned, which can introduce unreviewed supply-chain changes.

Skill content
Default registry: https://clawdhub.com ... Update command hashes local files, resolves matching version, and upgrades to latest unless --version is set

Recommendation

Only install from trusted publishers, review skill contents before enabling them, pin versions where possible, and document a rollback or approval process for updates.

What this means

If used while logged into the wrong account, the agent could publish or update skills under that account.

Why it was flagged

Publishing requires logging into a ClawdHub account, which is expected for the stated publish feature but gives the CLI delegated account authority.

Skill content
Auth (publish)
```bash
clawdhub login
clawdhub whoami
```
Recommendation

Log in only when publishing is needed, verify the account with whoami, and require confirmation before any publish command.