Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cisco IOSXE Hardening

v1.0.0

Professional Cisco Router & Switch Security Configuration Generator

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name and description match the included API documentation (generation of hardened IOS XE configs). However, the skill is purely instruction/documentation for an external API rather than implementing local logic; that is coherent but raises questions because the documentation references paid plans and external hosts without declaring how the agent should authenticate or which base URL to call.
Instruction Scope
SKILL.md is limited to explaining API endpoints, sample requests and responses, options, and usage. It does not instruct the agent to read local files, environment variables, or unrelated system resources. It also does not contain explicit instructions to exfiltrate unrelated data.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so it does not write or execute code on disk. That minimizes install-time risk.
Credentials
The SKILL.md and openapi reference external endpoints (toolweb.in, api.mkkpro.com) and pricing tiers, implying an API that likely requires credentials or billing, yet the skill declares no required environment variables or credentials. That mismatch is a red flag: either the skill won't function without out-of-band credentials, or it expects the agent to call external endpoints unauthenticated (which may be unacceptable for sensitive configuration data).
Persistence & Privilege
The skill does not request persistent presence (always: false) and does not claim or request system-level privileges or modifications to other skills. Autonomous invocation is allowed (platform default) but not combined with other elevated privileges.
What to consider before installing
This skill is documentation for an external API that generates Cisco IOS XE hardening configs. Before installing or using it: (1) confirm the provider identity and trustworthiness (source is 'unknown' and the registry has no homepage), (2) verify whether the external endpoints (toolweb.in / api.mkkpro.com:8139) require an API key or a paid plan — the skill does not declare any required credentials, which is inconsistent with the pricing info, (3) never send real production device credentials or sensitive device state to an unknown third-party API; test with non-production data in a lab, (4) prefer an option that documents required env vars and authentication clearly or run an audited/local generator, and (5) if you decide to proceed, review TLS/URL details and the provider’s privacy/terms to ensure device configuration data won’t be stored or misused. If you want, I can list concrete questions to ask the provider or suggest alternative, self-hosted hardening tools.


latest vk97avcyhwfmve3hxkpk1wawpzh83x4z5
