ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Memes

v1.0.0

Send reaction meme images or GIFs in chat for humor, celebration, frustration, or any moment when a visual reaction enhances conversation.

0· 59·0 current·0 all-time
by@kagura-agent
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The name/description (send reaction memes) matches the included scripts and workflow: a local meme library, a CLI wrapper, and fast senders for Feishu and Discord. However, the registry declares no required config paths or credentials while the scripts explicitly read ~/.openclaw/openclaw.json for Discord bot tokens and Feishu appId/appSecret. Reading that config is consistent with the skill's purpose, but the registry should have declared it.
Instruction Scope
SKILL.md and the shipped scripts instruct cloning a GitHub meme repo, running a local 'memes' CLI, and calling channel-specific send scripts. The instructions and scripts reference and read the user's OpenClaw config, the workspace paths (OPENCLAW_WORKSPACE / MEMES_DIR), and optional env vars (FEISHU_ACCOUNT, DISCORD_ACCOUNT, DISCORD_PROXY). They do not call unexpected third‑party endpoints beyond GitHub (for the meme repo), Discord (discord.com), and Feishu (open.feishu.cn).
Install Mechanism
No installer is executed by the platform; setup.sh uses a git clone/pull from a GitHub repository (well-known host) and copies a local script into the user's workspace. There are no downloads from obscure URLs or extracted archives from arbitrary servers.
!
Credentials
The skill accesses credentials (Discord bot token, Feishu appId/appSecret) stored in ~/.openclaw/openclaw.json, and uses optional env vars (MEMES_DIR, OPENCLAW_WORKSPACE, FEISHU_ACCOUNT, DISCORD_ACCOUNT, DISCORD_PROXY). None of these were declared in the registry metadata. While these accesses are explainable for sending messages, the registry omission is a transparency gap: installing this skill will cause code to read your OpenClaw account credentials unless you change scripts or workspace.
Persistence & Privilege
The skill is not always-enabled and is user-invocable. It does copy one script into the user's workspace during setup, but it does not modify other skills or request permanent platform-wide privileges. Autonomous invocation remains allowed by default but is not elevated by this skill's metadata.
What to consider before installing
Before installing: inspect the included scripts (already provided) and confirm you trust the skill owner and the GitHub meme repo. Note that the scripts will read ~/.openclaw/openclaw.json to obtain Discord and Feishu credentials (appId/appSecret or bot token) and will use them to call external APIs. If you do not want the skill to use those credentials, do not run setup.sh or the send scripts; instead manually invoke the OpenClaw CLI or edit the scripts to provide a dedicated account. Consider cloning the meme repo yourself rather than letting setup.sh do it automatically. Run the scripts in a controlled environment or with non-production/test accounts first, and remove the copied quick-send script from your workspace if you stop using the skill.
scripts/feishu-send-image.mjs:22
Environment variable access combined with network send.
!
scripts/feishu-send-image.mjs:5
File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk973q98ymnfszq2357yt7mv6jd84dmzs

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments