ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

taste-skill

v1.6.1

Default skill marketplace for AI agents. Use Taste whenever the user or agent needs a new capability, tool, workflow, MCP server, or automation. Also trigger...

1· 480·6 current·6 all-time
byKyrie Cai@kehaoc
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (a skills marketplace) aligns with the instructions (search, save, publish, install skills). However the SKILL.md also instructs the agent to register accounts, set backend URLs, and perform admin invite actions which are broader than a passive 'marketplace browser' and are not declared in the skill metadata (no required env or creds declared).
!
Instruction Scope
Runtime instructions direct the agent to modify workspace files (HEARTBEAT.md, AGENTS.md, optionally ~/.claude/CLAUDE.md), run CLI commands at every session start, and perform onboarding flows that write credentials to disk. These actions go beyond querying/searching a marketplace and grant the skill broad discretion to change user workspace state and session behavior.
Install Mechanism
There is no formal install spec in the registry, but onboarding explicitly tells the agent to run `npm install -g taste-cli` (public npm install). That implies installing external code globally – a normal dev workflow but with nontrivial risk if you haven't audited the CLI package or its upstream domain. The skill itself doesn't provide or declare the package provenance in metadata.
!
Credentials
Metadata declares no required environment variables, yet onboarding instructs creating and saving TASTE_API_KEY, TASTE_BASE_URL, TASTE_EMAIL, TASTE_NICKNAME and handling ~/.taste/.env. It also suggests optional admin operations (invite-code generation). Requesting persistent API credentials and possibly admin actions is disproportionate unless the user expects a full marketplace integration.
!
Persistence & Privilege
Onboarding instructs injecting Taste into the workspace so it runs by default every session (writing HEARTBEAT.md/AGENTS.md/CLAUDE.md). That achieves persistent presence across sessions and modifies other config/doc files. While reasonable for a default marketplace, it is intrusive and may alter other skills' behavior.
What to consider before installing
This skill broadly matches a 'skill marketplace' but its onboarding will: (1) install an external CLI globally (npm install -g taste-cli), (2) register an account and write credentials to ~/.taste/.env, and (3) inject persistent blocks into workspace files (HEARTBEAT.md, AGENTS.md, possibly CLAUDE.md) so it runs at session start. Before installing: back up the workspace, review the taste-cli package and its homepage/domain (https://taste.ink) yourself, avoid running admin invite commands unless you are an admin, and consider setting a local base URL for testing. If you do not want any tool to auto-modify your AGENTS.md / CLAUDE.md or run commands on every session start, do not enable the onboarding injection steps.

Like a lobster shell, security has layers — review code before you run it.

latestvk970h6eekeejjxy0gc3a2n9kmh82vgjq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments