Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Quack Workflow Engine
v1.0.0
Execute multi-step workflows via Orchestrate. Use when running complex workflows, parallel tasks, multi-model orchestration, or automating multi-step processes.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name, description, and included templates align with a workflow/orchestration purpose: it reads a workflow YAML and POSTs it to https://orchestrate.us.com/api/v1/workflows/run. However, SKILL.md instructs you to 'register at orchestrate.us.com for API access' but neither the instructions nor the script accept or document any API key/config; that mismatch is unexplained.
Instruction Scope
The runtime script reads any local file the user passes and uploads its full contents to a remote host. That behavior is consistent with sending a workflow, but it also means the skill can exfiltrate arbitrary local files if misused or pointed at a sensitive path. There are no prompts, no authentication headers, and no explicit safeguards or restrictions on what gets read and transmitted.
Install Mechanism
This is an instruction-only skill with a small Node script included and no install spec; nothing is downloaded or written to disk by an installer. That low-footprint model reduces installer risk.
Credentials
The SKILL.md tells users to register for API access, but the skill declares no required env vars or primary credential and the script does not take or read any API key, token, or config path. This omission is inconsistent: a remote orchestration API typically requires credentials. The lack of declared/authenticated credential handling is suspicious and may lead to unauthenticated uploads or hidden out-of-band credential usage.
Persistence & Privilege
The skill does not request persistent/always-on inclusion, does not modify other skills or system-wide configs, and does not declare elevated privileges.
What to consider before installing
Before installing or running this skill, consider that it will read any local YAML file you point it at and upload the full contents to https://orchestrate.us.com without presenting or documenting an API key or other authentication. That can leak sensitive data if you accidentally pass a secrets file or point it at the wrong path. The source/publisher is unknown and there is no homepage.
If you still want to use it:
(1) inspect and understand the script (it is short) and run it only on non-sensitive test files;
(2) ask the publisher how API authentication is intended to work and insist the script accept a provided API key (env var or config) and include Authorization headers;
(3) prefer a version that prompts for confirmation before uploading and supports a safe dry-run;
(4) verify the orchestrate.us.com domain and hosting (it may be legitimate or a lookalike); and
(5) run the tool in a network-restricted sandbox until you trust it.
Because the issues could be sloppy engineering or intentional, proceed cautiously.
Like a lobster shell, security has layers — review code before you run it.
latest: vk97b2tx8rxw73a6e569m5nhfb581x73q
