Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Registrychain Setup

v1.0.1

Install the RegistryChain plugin for on-chain entity registration. Use when the user wants to set up RegistryChain, install the RegistryChain plugin, or when...

by Kutaibah Halima (@kutaibah)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md instructions (git clone, npm install, openclaw plugin install/enable) are consistent with installing an OpenClaw plugin called RegistryChain. However, the registry metadata claims 'Required binaries: none' while the SKILL.md requires git, node (>=22), npm, and openclaw — a clear mismatch between metadata and runtime instructions.
Instruction Scope
All steps are within the scope of installing a plugin: cloning the repo, installing Node deps (with --ignore-scripts), linking, registering the plugin, copying skill files to ~/.codex/skills, editing ~/.openclaw/openclaw.json to set tools.profile to 'full', and restarting the gateway. These actions modify user agent configuration and write into home-directory agent folders (~/.openclaw and ~/.codex). The use of --ignore-scripts reduces risk from npm lifecycle scripts, but there is no step to verify commit signatures or inspect package.json beyond a suggested manual review.
Install Mechanism
This is instruction-only (no install spec). The install uses git clone from github.com and pins to a specific commit (good for reproducibility). There is no automated download from an untrusted host, but there is also no automated verification (GPG/sha) of the commit or code integrity beyond pinning the commit hash.
Credentials
The skill does not request environment variables or external credentials. The only effects are filesystem changes under the user's home (~/.openclaw and ~/.codex) and a config change to the agent's tools profile. Those are proportionate to installing an agent plugin, but they do give the plugin and agent broader local capabilities once enabled.
Persistence & Privilege
The skill is not 'always: true' and does not request special platform-wide privileges, but it writes files into the agent folders and modifies the agent config (tools.profile to 'full') and restarts the gateway. These are persistent changes to the agent environment and increase the agent's tool availability; the behavior is expected for installation but worth explicit user consent.
What to consider before installing
This skill largely does what it claims, but review before running:
1) Confirm the GitHub repository and the pinned commit (d2d072f) are the official source you trust; consider checking the commit contents and author.
2) Before running npm install, manually inspect package.json and any code for unexpected behavior (the SKILL.md suggests this).
3) Understand that the steps copy files into ~/.codex/skills and change ~/.openclaw/openclaw.json to set tools.profile to 'full'; this expands the agent's available tools and persists across runs.
4) Back up your current ~/.openclaw and ~/.codex/skills directories before installing so you can revert.
5) If you want extra safety, perform the installation in an isolated environment or test account rather than your primary agent environment.


latest · vk97crz56trx8d9skrjc8j03qan83x1ft
