ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ransomware Preventer

v1.0.0

Multi-layered ransomware defense strategy platform that generates personalized protection recommendations based on organizational assessment data.

0· 63·0 current·0 all-time
byToolWeb@krishnakumarmahadevan-cmd
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name and description claim a hosted API that produces personalized ransomware defense strategies. The package contains only documentation (SKILL.md) and an OpenAPI spec. No server URL, host, or deployment instructions are provided, and there are no required credentials or environment variables. That is plausible if the skill is intended to have the agent synthesize strategies locally, but it is inconsistent with the expectation of a remote API/service.
Instruction Scope
SKILL.md provides endpoint descriptions, sample requests/responses, and API semantics but does not tell the agent where to send requests (no base server URL) nor does it instruct the agent to read local files, environment variables, or external endpoints. The instructions are self-contained API docs rather than runnable runtime steps — this leaves agent behavior ambiguous (local generation vs. remote call).
Install Mechanism
There is no install spec and no code to write to disk; the skill is instruction-only. From an installation perspective this is low-risk and consistent with a documentation-only skill.
Credentials
The skill requests no environment variables, credentials, or config paths. That is proportionate for a documentation-only or local-generation skill. However, the spec advertises integrations and session tracking without requesting any storage/configuration or credentials to back them — another sign of incompleteness.
Persistence & Privilege
The skill does not request persistent privileges (always is false). It does not declare writes to agent config or system settings. There are no indicators it will persist credentials or change other skills' configurations.
What to consider before installing
This package looks like API documentation rather than a runnable service. Before installing or using it: 1) Ask the provider for the service endpoint(s) and deployment details (base URL and auth method). 2) Do not send real or sensitive assessment data until you confirm where data will be sent and how it will be stored/retained (ask about logging, session storage, and retention policies). 3) If the skill is expected to call an external API, require explicit credentials and verify TLS and an official domain; if it is supposed to run locally, confirm that behavior and test in a sandbox with synthetic data. 4) Prefer skills with a known source/homepage or verifiable owner; lack of provenance increases risk. 5) If you intend to integrate recommendations into tooling (SIEM/EDR), require explicit auditability and data-export controls from the provider.

Like a lobster shell, security has layers — review code before you run it.

latestvk977jrnc9rrzc6p4bjpf3r219d83hbyb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments