ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

test

v1.0.0

Conducts military-grade adversarial analysis by decomposing claims and deploying 32 expert agents to produce steelman arguments and counterarguments.

0· 1.7k·1 current·1 all-time
by@kipasdinding6969-alt
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The files and SKILL.md describe a RedTeam/AdversarialValidation workflow (32-agent parallel analysis, adversarial rounds) and the required behaviors match that purpose; there are no unrelated dependencies, credentials, or binaries requested.
Instruction Scope
Runtime instructions explicitly tell the agent to: (1) check for and load user overrides from ~/.claude/skills/CORE/USER/SKILLCUSTOMIZATIONS/RedTeam/ (PREFERENCES.md and resources) and (2) POST a local notification to http://localhost:8888/notify via curl. Reading a per-skill customization directory and emitting a local notification are reasonable for a customizable skill, but they give the skill access to arbitrary files in the specified path and allow it to contact a local service — the user should be comfortable with that.
Install Mechanism
No install spec or code is present (instruction-only). Nothing is downloaded or written to disk by an install step, minimizing install-time risk.
Credentials
The skill declares no required environment variables, credentials, or config paths beyond the optional per-skill customization directory. There are no requests for unrelated secrets or external service keys.
Persistence & Privilege
always:false and no persistent install behaviors are declared. The skill author expects the agent to launch many internal 'agents' and to call other skills (FirstPrinciples, storyexplanation, etc.), which is consistent for a coordination/orchestration skill but increases the amount of downstream tooling and data flows involved — this is normal but expands the effective blast radius.
Assessment
This skill appears to do what it says: coordinate adversarial analyses and syntheses. Before installing, consider: (1) it will look for and load files from ~/.claude/skills/CORE/USER/SKILLCUSTOMIZATIONS/RedTeam/ (so don't store secrets there unless you want them used), (2) it will attempt a local HTTP POST to http://localhost:8888/notify (harmless if you run a notifier, unexpected otherwise), and (3) executing the skill launches many internal agents and may call other installed skills — review downstream skill permissions and any custom files you place in the customization directory. If you want higher assurance, inspect any PREFERENCES.md you put in that folder and ensure no sensitive data is present.

Like a lobster shell, security has layers — review code before you run it.

latestvk972vb35bcmtrb52x7wcbtpdts809atz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments