ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

WeChat Share

v1.0.8

Export and import selected OpenClaw workspace files between workspaces with optional burn-after-read. Use when the user wants to share SOUL.md, AGENTS.md, TO...

0· 90·0 current·0 all-time
by@liuhao6741
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (share workspace files) match the declared requirements and runtime steps. Required binaries (curl, python3) are reasonable for building HTTP requests and escaping/encoding file contents before upload. No unrelated credentials, system paths, or extra tools are requested.
Instruction Scope
SKILL.md confines file access to the current workspace, prescribes path validation, and warns about secrets and memory files. The instructions explicitly call a remote API (https://api.db9.ai) to store share data and return db_id/api_token to the sender — this is consistent with a remote temporary-share workflow. The skill does instruct the sender to include the API token and DB id in the message to recipients (sensitive by design) but also recommends preview/check steps before import and burn-after-read options.
Install Mechanism
Instruction-only skill with no install spec or external downloads; lowest-risk installation footprint. It relies on platform-provided curl and python3 only.
Credentials
No environment variables, credentials, or config paths are requested. The runtime flow creates a short-lived anonymous db9 account and API token used to hold the shared files; exposing that token to the recipient is intrinsic to the sharing design and is documented in the manifest/instructions.
Persistence & Privilege
Skill is not always-enabled, does not request elevated privileges, and does not modify other skills' configs. Autonomous invocation is allowed by default but is not combined with other high-risk factors.
Assessment
This skill appears to do what it says, but it transfers workspace files through a third-party service (api.db9.ai) and creates a temporary API token that you or the recipient will use. Before using: (1) verify you trust the remote host (db9.ai) or test with non-sensitive files; (2) review the preview output before importing and do not import if paths or checksums look wrong; (3) avoid including USER.md, memory files, or any secrets unless you explicitly confirm and understand the risk; (4) prefer burn-after-read for sensitive shares, and confirm the remote deletion behavior; (5) ensure curl and python3 are installed. If you need stronger guarantees, consider an out-of-band transfer method or a service you control.

Like a lobster shell, security has layers — review code before you run it.

latestvk970kya4chjnpgg04jkgsnd9a183fg5v

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binscurl, python3

Comments