Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Docker Medic
v1.0.0
Inspects container health and suggests fixes for common errors
by Peter Lum (@liverock)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The skill's name/description says it inspects container health, but the package requests no Docker binary, no Docker socket, and no environment variables. The included implementation (mock_docker.js) returns hard-coded container lists and logs rather than querying a real Docker daemon, so it cannot perform the stated runtime task on a real host without modification.
Instruction Scope
SKILL.md describes checking containers and logs and exposes a check_containers command, which is consistent in intent. However the instructions are ambiguous about how container data is obtained at runtime (no mention of docker CLI, Docker API, or required host access), and the shipped handler.js relies on mock_docker.js rather than any real Docker integration.
Install Mechanism
No install spec is present and there are no downloads or external installers, which lowers installation risk. The skill is instruction-only with two small JS files included.
Credentials
The skill declares no required environment variables, credentials, or config paths. The code does not access environment variables or external endpoints. This is proportionate to the actual (mock) implementation, but not to the advertised real-world Docker functionality.
Persistence & Privilege
The skill is not forced-always, does not request elevated or persistent privileges, and does not modify other skills or global agent settings. Autonomous model invocation is allowed but not combined with other privilege escalations.
What to consider before installing
This skill is inconsistent: it promises to inspect real Docker containers but the shipped code uses a hard-coded mock (mock_docker.js) and does not call the Docker CLI or Docker API. If you expect a tool that actually inspects containers on your machine, do not rely on this version. Options:
- Review and modify the code to replace mock_docker.js with real Docker interactions (e.g., use dockerode or call the docker CLI), and ensure any added access (Docker socket or DOCKER_HOST) is intentional and secured.
- If you deploy a version that touches the Docker socket or host files, audit it carefully for data exfiltration and limit the skill's permissions.
- If you only want diagnostics examples or a demo, this skill is harmless, but label it clearly as demo/mock. Proceed with caution if you expected real host inspection.
