Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

pfSense Hardening

v1.0.0

Generates hardened pfSense firewall configurations based on specified security options.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (pfSense hardening) match the SKILL.md and openapi.json: the skill is an instruction-only wrapper around an API that generates hardened pfSense configurations. Using an external API for this purpose is reasonable and coherent.
Instruction Scope
The SKILL.md restricts behavior to accepting hardeningOptions and returning generated configurations via the documented POST /api/hardening/generate endpoint. It does not instruct the agent to read local files, environment secrets, or system state. However, the documented requests/responses imply the agent will send firewall configuration data (which can include sensitive details) to the external API, so there's a potential for sensitive data leaving the host.
Install Mechanism
No install spec or code files (instruction-only). This minimizes local disk changes and execution risk; the only runtime activity is network interactions per the OpenAPI.
Credentials
The SKILL.md lists pricing and external endpoints (toolweb.in, api.mkkpro.com) that strongly suggest a hosted service that likely requires API credentials, but the skill declares no required env vars, no primary credential, and the openapi.json contains no securitySchemes. This mismatch is concerning: calls to the external service may fail or the user might be prompted to paste credentials into chat, and generated configurations (possibly with secrets) could be transmitted to an unknown third party without clear auth/consent semantics.
Persistence & Privilege
always is false, no config paths or system modifications are requested, and the skill does not request persistent installation or elevated privileges. Autonomous invocation is permitted (default) but not combined with other high privileges here.
What to consider before installing
This skill appears to be a network-backed service that will send your hardening requests to an external API. Before installing, verify the provider (toolweb.in / api.mkkpro.com) and their privacy/security policies. Ask the author to declare required credentials (API key) and include securitySchemes in openapi.json so you know how auth is handled. Do not send real production firewall configs or secrets to this skill until you confirm TLS, authentication requirements, and trust in the service; instead, test with non-sensitive sample configs. If you prefer not to transmit sensitive data off your network, use a local/offline hardening tool or a vetted internal script instead.

Like a lobster shell, security has layers — review code before you run it.


