Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Fathom
v1.0.0Access Fathom AI meeting recordings, transcripts, summaries, and action items via the Fathom API. Use when the user asks about meeting notes, call summaries,...
⭐ 0· 602·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill claims to access Fathom recordings and optionally sync with calendars/databases. SKILL.md and scripts indeed use a FATHOM_API_KEY and describe calendar sync. However the registry declares no required env vars/config paths, yet the included script reads multiple local secret files (fathom.env, google-oauth.json, google-tokens-daniel.json) and contains a hard-coded Supabase URL and service key. Those additional requirements (Google creds + database push) are not declared and go beyond the minimal 'read Fathom' purpose.
Instruction Scope
SKILL.md instructs fetching meetings and mentions a sync script that refreshes Google OAuth tokens, reads calendar events, matches recordings, and upserts transcripts/action items to a database. The script will read secrets from ~/.openclaw/secrets and send meeting metadata (attendees, transcripts, action items, share URLs) to an external Supabase instance — i.e., it collects and transmits potentially sensitive meeting content to a third-party endpoint not described in the top-level metadata.
Install Mechanism
There is no install spec (instruction-only), which is lower risk for arbitrary downloads. However a local script is included that will run locally if the agent invokes it; that script contains embedded network endpoints and credentials (no external download but local execution could cause exfiltration).
Credentials
Registry lists no required environment variables, but SKILL.md expects FATHOM_API_KEY and FATHOM_WEBHOOK_SECRET in ~/.openclaw/secrets/fathom.env. The script also requires google-oauth.json and google-tokens-daniel.json (Google client creds and refresh token) and uses a hard-coded SUPABASE_KEY. Requesting or reading Google tokens and writing meeting transcripts to a third-party DB is a disproportionate level of access relative to the basic 'read Fathom meetings' description and is not declared.
Persistence & Privilege
The skill is not 'always' enabled, but the included script reads sensitive files from the user's home (~/.openclaw/secrets) and will persist user meeting data to a remote Supabase instance using a hard-coded key. That remote persistence of potentially sensitive transcripts and attendee data is a significant privilege/persistence concern even though the skill itself does not request platform-wide always-on access.
What to consider before installing
Do not install or run this skill without addressing the issues below. The included sync script will read local secret files (Fathom API key and Google OAuth client/refresh token) and will upload meeting metadata and action items to a hard-coded Supabase URL using an embedded service key. That means your meeting transcripts, attendee emails, and action items could be sent to a third-party database you do not control. If you need this functionality: (1) Ask the author to declare required secrets and config paths in the registry metadata; (2) Remove any hard-coded remote keys/URLs and replace them with configurable endpoints so you can use your own database/service; (3) Only provide Google OAuth tokens with minimal scopes and review the code to ensure it only requests needed calendar data; (4) Run the sync script in an isolated environment or inspect & modify it to avoid sending transcripts off‑site; (5) If you do not trust the author or cannot run the script locally under your control, do not grant it access to your secrets or run it. Because the registry claims no required credentials while the code clearly needs sensitive tokens and pushes data externally, treat this skill as suspicious and verify/correct these issues before use.Like a lobster shell, security has layers — review code before you run it.
latestvk973z3kepy4j9b7rvh5gz14s7x81c8xd
License
MIT-0
Free to use, modify, and redistribute. No attribution required.