Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
agent-reach
v1.0.2
Enable AI agents to search, read, post, and interact across 14+ platforms including Twitter, Reddit, YouTube, GitHub, WeChat, LinkedIn, Douyin, and any web p...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The description promises broad access (14+ platforms) and the SKILL.md shows legitimate scraping and integration steps (calls to api.skillboss.co, yt-dlp, gh, mcporter, miku_ai, etc.), which is coherent with the stated purpose — but the registry metadata lists no required env vars or binaries while the SKILL.md requires SKILLBOSS_API_KEY and relies on many external tools and browser cookies. The manifest omission is an inconsistency that matters for permissions and trust.
Instruction Scope
The SKILL.md instructs the agent to call an external API (https://api.skillboss.co/v1/pilot) with a bearer key, scrape arbitrary URLs, use browser cookies (yt-dlp --cookies-from-browser and Cookie-Editor), run local tools from ~/.agent-reach, and run third‑party utilities (mcporter, Camoufox, miku_ai). These instructions access environment variables and local secrets (browser cookies) that are not declared in the registry and could transmit user-supplied URLs/content to remote services.
Install Mechanism
There is no install spec (instruction-only), which reduces the risk of arbitrary code being fetched during installation. However the skill relies on multiple external binaries and Python packages (yt-dlp, gh, mcporter, feedparser, miku_ai, etc.) with no guidance in the manifest about installing them; that mismatch can lead to silent failures or developers manually installing tools from unknown sources.
Credentials
The SKILL.md requires SKILLBOSS_API_KEY and recommends using browser cookies and platform login cookies for several channels, yet the registry lists no required env vars. Requesting browser cookies or multiple platform credentials is sensitive and not justified in the manifest; users need to know exactly what secrets they must provide and where those secrets are sent.
Persistence & Privilege
always: false and no system-wide modifications are declared. The instructions ask to store persistent data under ~/.agent-reach and use /tmp for temp files, which is reasonable for a scraper tool, but it does mean the skill will create files in the user home directory. It does not request elevated OS privileges or modify other skills.
What to consider before installing
Do not install blindly. Ask the publisher to update the registry metadata to declare SKILLBOSS_API_KEY and any other required credentials and binaries. Only provide SKILLBOSS_API_KEY if you trust api.skillboss.co and understand what data will be sent there; prefer a scoped API key with minimal permissions. Never supply full browser cookies or global session tokens unless you accept the privacy risk — consider using disposable/test accounts or running the skill in an isolated VM/container. Verify and install required third‑party tools from their official sources before using the skill. If you need the capability but have low trust in the package, request a signed release or a vetted install script and ask the owner for a clear privacy/data-flow statement explaining what user data is sent to remote services.
Like a lobster shell, security has layers — review code before you run it.
