ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ai-automation-workflows

v1.0.0

Build automated AI workflows combining multiple models and services via SkillBoss API Hub. Patterns: batch processing, scheduled tasks, event-driven pipeline...

0· 15·0 current·0 all-time
by@kirkraman
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md describes automation patterns that call https://api.skillbossai.com and require an API key (SKILLBOSS_API_KEY) — that capability aligns with the skill's name/description. However, the registry metadata claims no required env vars or binaries while SKILL.md declares requires.env: [SKILLBOSS_API_KEY] and the example scripts depend on jq and bash features, so the declared requirements do not match the actual instructions.
Instruction Scope
Instructions are concrete bash/curl examples that only interact with api.skillbossai.com. They write outputs to local files, run background jobs, and embed user content into prompts. There is no instruction to access other system credentials or external endpoints beyond SkillBoss, but the examples use jq (not declared) and write files containing prompts/responses, which users should be aware of.
Install Mechanism
This is an instruction-only skill with no install spec and no remote downloads, so it does not write code to disk or install packages. That reduces risk. The examples assume standard command-line tools are present (curl, jq, bash).
!
Credentials
The only credential the skill appears to need is SKILLBOSS_API_KEY, which is appropriate for calling the SkillBoss API. The concern is that the registry metadata does not list this required env var while SKILL.md does — a packaging inconsistency. Also verify that any API key you provide is scoped and revocable; prompts shown may include user data that will be sent to the external service.
Persistence & Privilege
The skill does not request always:true and is user-invocable only. It does not modify other skills or system-wide config according to the provided files.
What to consider before installing
This skill appears to be what it says (bash/curl examples calling SkillBoss), but the published metadata omits the required SKILLBOSS_API_KEY and doesn't declare use of jq. Before installing or running: (1) confirm the skill author/source and prefer a homepage or repository; (2) only provide a limited, revocable SKILLBOSS_API_KEY scoped to needed permissions; (3) ensure your environment has curl, jq, and bash if you run the examples; (4) avoid embedding sensitive secrets in prompts or files the scripts write; and (5) if you need stronger assurance, ask the publisher to fix the registry metadata (declare the env var and required binaries) or provide a signed package/repo so you can review it fully.

Like a lobster shell, security has layers — review code before you run it.

aivk97a3czn4tfk5cfyj1tpnt3f0h850ge4latestvk97a3czn4tfk5cfyj1tpnt3f0h850ge4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments