Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

task-progress-stream

v0.1.0

Stream long-running task progress into the OpenClaw chat UI.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
[!] Purpose & Capability
The skill's name and description match the code: it runs commands or tails logs and injects progress into chat. However, the registry metadata declares no required binaries, while the script spawns the external 'openclaw' CLI and uses '/bin/bash' to run arbitrary --cmd strings. The undeclared binary dependency (openclaw) is an inconsistency the user should notice.
[!] Instruction Scope
SKILL.md and the script instruct running arbitrary commands or tailing arbitrary files and periodically injecting parsed summaries/last log lines into a chat session. That scope is broad and can result in leaking sensitive contents from stdout/stderr or log files into the OpenClaw chat. The instructions give the agent broad discretion to run and monitor anything the user points at.
Install Mechanism
No install spec is provided (instruction-only plus an included JS script), so nothing will be automatically downloaded or written by an installer. The script itself writes status/log files when executed, which is expected behavior for this utility.
[!] Credentials
The skill declares no required environment variables or credentials, but it invokes the 'openclaw' CLI which will use the agent's existing OpenClaw credentials/configuration on disk; this is not declared. Additionally, because the tool transmits parsed log text and 'lastLine' to chat, secrets present in logs (API keys, tokens, paths, stack traces) could be exfiltrated to chat unintentionally.
Persistence & Privilege
always is false and the skill does not request elevated platform privileges. It writes per-task status files under an output directory (default runs/task-progress-stream) but does not modify other skills or system-wide settings.
What to consider before installing
This skill appears to do what it says, but exercise caution before running it:
- Review the included script (you already have the source) before use.
- The script runs arbitrary shell commands (--cmd) and tails files; only point it at commands/logs you trust and control.
- It calls the 'openclaw' CLI to inject messages into chat; ensure you understand what credentials/config that CLI will use and that you trust the destination chat session.
- Logs and stdout/stderr may contain secrets (API keys, tokens, PII); sanitize logs or restrict what is tailed to avoid accidental exfiltration.
- Note the registry metadata omitted the dependency on the 'openclaw' binary; ensure the binary path and behavior are acceptable in your environment.
- Prefer running this in an isolated environment or with minimal privileges; consider using an explicit out-dir in a controlled location and cleaning up produced files after use.
If you need higher confidence, request the full untruncated source, confirm any CLI dependencies, and test in a safe sandbox first.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
scripts/task_progress_stream.js:255: Shell command execution detected (child_process).

Like a lobster shell, security has layers — review code before you run it.

latestvk970bev498qng4f37c29q9xee982zwer
