Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Daily Cost Report
v1.0.0
Generate detailed daily OpenClaw cost reports by agent, model, and channel, with HTML email formatting and optional automated delivery.
by Karl Varga @kjvarga
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The scripts implement an OpenClaw session-based cost reporter and emailer, which matches the skill name/description. However, SKILL.md declares a required env var OPENAI_API_KEY even though none of the shipped scripts use it; the registry metadata also lists no required envs. That mismatch is incoherent and should be explained by the author.
Instruction Scope
Runtime instructions ask the agent to exec the included bash scripts (expected for this type of skill). The scripts call 'openclaw sessions --all-agents --json', parse session data, format reports, and use the local 'mail' command to send HTML. They only read OpenClaw session output, temporary files (/tmp), and user information via 'whoami' — there are no external network endpoints or opaque data-collection steps in the scripts themselves. The SKILL.md does show manual exec examples which will run arbitrary shell commands on the host when invoked; that's normal for local script-based skills but increases risk if the scripts are modified.
Install Mechanism
Instruction-only skill with no install spec (scripts only). This lowers install-time risk because nothing is downloaded/executed at install time. The scripts assume certain binaries are present (openclaw CLI, jq, awk, mail) but do not install anything themselves.
Credentials
The SKILL.md lists OPENAI_API_KEY under requires.env but the code does not use this variable; the registry metadata shows no required envs. Other environment/config access is limited: the scripts reference $HOME and expect the OpenClaw CLI at $HOME/homebrew/bin/openclaw (hardcoded PATH modification). Requesting an unrelated API key or declaring it as required is disproportionate and may be an artifact or mistake.
Persistence & Privilege
The skill does not request always: true and does not attempt to modify other skills or system-wide settings. SKILL.md suggests a cron job entry in ~/.openclaw/cron/jobs.json as an example; scheduling is optional and not enforced by the skill.
Scan Findings in Context
[unicode-control-chars] unexpected: The static scan detected unicode control characters in SKILL.md; these can be used for prompt-injection or to hide content. There is no legitimate reason visible in the scripts for hidden characters, so this warrants inspection of the SKILL.md source for concealed instructions or obfuscation.
What to consider before installing
What to check before installing:
- Ask the author why SKILL.md declares OPENAI_API_KEY even though the scripts don't use it; remove that requirement if it's unused. Unexplained credential requirements are a red flag.
- Inspect the SKILL.md source for hidden/Unicode control characters (the scanner flagged unicode-control-chars). Open the file in a hex-aware editor or run a sanitizer to reveal hidden characters.
- Verify the OpenClaw CLI path expected by scripts ($HOME/homebrew/bin/openclaw). If your openclaw binary is elsewhere, update the script to point to the correct path or ensure PATH is set safely.
- Review and test scripts in a safe/isolated environment (or a non-production account) first. Run the report generation step without sending mail to validate outputs (daily-cost-report.sh). The send script uses the local mail command; ensure your mail agent is configured and that sending to external addresses is intended.
- If you plan to schedule automation, review the cron/job JSON example carefully and ensure the agent permissions and delivery channel settings (e.g., Telegram phone number) are appropriate.
- If you have limited security expertise, ask the maintainer to: (1) remove unrelated env declarations, (2) confirm there are no hidden chars, and (3) add a quick self-check that the openclaw binary exists or fail with a clear error. These clarifications would raise confidence and could change the verdict to benign.
