Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
hive-mind
v1.0.0
Sync memories across multiple agents using a shared TiDB Zero database.
by Lux @lilyjazz
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
The skill claims to sync preferences using TiDB Zero and indeed requests TiDB host/port/user/password and uses a MySQL connector (pymysql). Required binaries (python3, curl) are used by the included run.py (curl for auto-provisioning). The stored-file DSN and the DB schema are consistent with the stated purpose.
Instruction Scope
SKILL.md and PROTOCOL.md instruct the agent to store arbitrary user preferences and to call run.py for set/get/list operations, which is consistent. However, the protocol allows storing arbitrary user-provided facts (e.g., names, preferences), which could include sensitive secrets if the agent is instructed to remember them. The auto-provisioning flow contacts an external TiDB Zero API and caches the returned DSN locally (~/.openclaw_hive_mind_dsn).
Install Mechanism
There is no install spec; this is mostly instruction-only with a Python script and a requirements.txt (pymysql). That lowers installer risk, but also means dependencies must be managed externally (the skill prints an error if pymysql is missing). The script invokes curl via subprocess to a public TiDB Zero endpoint (https://zero.tidbapi.com), which is a network call to a third-party service.
Credentials
Requested env vars (TIDB_HOST, TIDB_PORT, TIDB_USER, TIDB_PASSWORD) are appropriate for a DB-backed sync. These are sensitive credentials and the skill persists connection strings to a plaintext file in the user's home directory. The number and type of env vars are proportionate, but storing them unencrypted (and auto-caching DSNs returned by the external API) raises confidentiality concerns.
Persistence & Privilege
The skill does not request always:true or modify other skills. It does persist a DSN in ~/.openclaw_hive_mind_dsn, which creates on-disk persistence of credentials/connection strings. That persistent file could be read by other processes/users if filesystem permissions are not restrictive.
Assessment
This skill appears to be what it says: a TiDB-backed shared preference store. Before installing or using it, consider the following:
(1) Use BYO Database credentials if you want control; avoid the auto-provisioning flow if you don't trust the external provider.
(2) The script caches the DSN unencrypted at ~/.openclaw_hive_mind_dsn; ensure that file has restrictive permissions (e.g., chmod 600) or avoid persisting secrets there.
(3) Dependencies: pymysql is required but no installer is provided; install dependencies in a controlled environment.
(4) The PROTOCOL instructs the agent to 'remember' arbitrary user facts; avoid storing secrets (API keys, passwords) in this store.
(5) Review the run.py code and the remote provisioning endpoint (https://zero.tidbapi.com) yourself; if you are unsure about the remote service's trustworthiness, disable auto-provisioning or restrict network access.
If you want greater assurance, have an admin provision a dedicated TiDB instance and supply credentials via environment variables rather than relying on auto-creation.
Like a lobster shell, security has layers: review code before you run it.
latestvk976wndsqf4eqw9d5wrefax0bn81jhyb
Runtime requirements
🐝 Clawdis
Bins: python3, curl
Env: TIDB_HOST, TIDB_PORT, TIDB_USER, TIDB_PASSWORD
