Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

AI Commander Dashboard

v1.8.0

AI Commander Management Dashboard. A lightweight companion web UI for monitoring inbound emails received via the email-webhook skill and browser session stat...

by Coder AI (@lksrz)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
Name/description, declared requirements (node + DASHBOARD_TOKEN), included files, and the single npm dependency (express) align with a lightweight local dashboard that reads inbox.jsonl and session.json. The code only serves a static UI and two read-only APIs that read local files.
Instruction Scope
SKILL.md instructs to install express and run node scripts/server.js — that matches the provided server.js. The runtime instructions and code stay within the stated purpose (reading inbox/session files and serving them). Minor note: the UI stores the token in localStorage and removes it from the URL, which is expected for a token-protected web UI but has client-side persistence implications.
Install Mechanism
Install spec is a single npm dependency (express@4.21.2). This is proportional to the stated functionality and uses a common package registry; there are no downloads from arbitrary URLs or archive extraction.
Credentials (flagged)
Metadata declares DASHBOARD_TOKEN as required/primary, but both the SKILL.md and server.js allow auto-generating a token when DASHBOARD_TOKEN is not set. Additionally SKILL.md contains contradictory defaults for DASHBOARD_HOST (127.0.0.1 in one place, 0.0.0.0 in another). The code uses 0.0.0.0 by default, which makes the dashboard network-accessible unless the operator sets DASHBOARD_HOST. These mismatches between declared requirements, documentation, and actual code increase risk if users assume localhost-only access or that a secret must be provided.
Persistence & Privilege (flagged)
The skill does not request elevated system privileges and is not always-enabled. However, because the server binds to 0.0.0.0 by default (despite some docs saying localhost), it may expose local inbox and session data to the network. That exposure combined with the token behavior (auto-generated token printed to stdout if not provided) raises a non-trivial blast radius if deployed on multi-tenant or public hosts.
What to consider before installing
This dashboard appears to do what it says (read-only viewer of inbox.jsonl and session.json). Before installing:
1. Treat DASHBOARD_TOKEN as required in practice — explicitly set DASHBOARD_TOKEN to a strong secret so the server does not print an auto-generated token to stdout.
2. Override DASHBOARD_HOST to 127.0.0.1 (or firewall the port) if you only want local access — the server code binds to 0.0.0.0 by default, making it reachable from the network.
3. Verify INBOX_PATH / SESSION_PATH point to only the files you intend to expose; these files may contain sensitive email content or session metadata.
4. Note the UI pulls CSS/JS from public CDNs (jsdelivr / tailwind), so consider your organization's policy on remote asset loading.
5. Because the skill metadata declared DASHBOARD_TOKEN as required but the implementation can auto-generate a token, double-check the platform's enforcement of required env vars — do not rely on implicit behavior.
If you cannot set DASHBOARD_TOKEN or ensure host binding is local, avoid running this skill on network-exposed machines.

Like a lobster shell, security has layers — review code before you run it.

Latest version id: vk973zk0m7xgs1awgpfmmnj0txd81d2s5


Runtime requirements

Bins: node
Env: DASHBOARD_TOKEN
Primary env: DASHBOARD_TOKEN

Install

Install Dashboard dependencies: npm i -g express@4.21.2
