Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

VPS Deploy

v1.0.0

Deploy a full-stack app to any VPS from zero to production in one command. Handles SSH hardening, firewall, Docker, Nginx reverse proxy, SSL certificates, an...

by Samih Mansour @llcsamih
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description match the runtime instructions: the SKILL.md describes step-by-step server setup, Docker, Nginx, SSL, and app deployment. Nothing in the instructions is unrelated to deploying an app to a VPS.
! Instruction Scope
The instructions explicitly ask the agent to collect SSH credentials (root password or private key path), to read local project files and environment files (.env.local, .env.example), and to run remote commands as root. These are necessary for deployment but involve collecting and handling highly sensitive data; the SKILL.md gives broad discretion to copy keys and secrets to the server (e.g., copying root's authorized_keys and transferring .env files). There is no limit or safe-handling guidance for secrets beyond brief notes.
Install Mechanism
This is an instruction-only skill (no install spec). However, the runtime instructions call for out-of-band installs, such as piping https://get.docker.com into sh and installing packages via apt. The Docker install URL is the official get.docker.com host (expected), but piping remote scripts into sh is inherently risky and should be vetted by the user.
! Credentials
Although the registry metadata lists no required env vars, the skill expects the user to provide SSH root/sudo credentials and to expose local environment files and potentially database passwords. Those are highly sensitive and no mechanisms (e.g., ephemeral keys, encrypted transfer, or explicit minimization) are enforced or suggested by the SKILL.md.
! Persistence & Privilege
The skill does not request platform-level persistent privileges (always:false), which is good. However, the instructions create a 'deploy' user with NOPASSWD sudo and add it to the docker group, and copy root authorized_keys — those changes give long-lived elevated privileges on the target server and increase blast radius if the deploy account or server is compromised. The SKILL.md does not recommend least-privilege alternatives.
What to consider before installing
This skill appears to implement a full manual deployment workflow and will ask you to share sensitive data: server SSH credentials (root or keys) and local .env files containing secrets. Before using it:
(1) prefer using an SSH key specifically created for the deployment and remove/rotate it afterwards;
(2) do not hand over your main root password if avoidable — use a temporary sudo-capable key;
(3) review any remote scripts before running (curl https://get.docker.com | sh is convenient but risky);
(4) avoid copying .env files with production secrets unless you understand where they will be stored and who can read them;
(5) reconsider granting NOPASSWD sudo and docker-group membership — it's convenient but increases risk;
(6) test steps in a non-production server first and ensure you have console/IP access in case SSH is misconfigured.
If you are not comfortable reviewing these actions yourself, consider using a vetted deployment tool or managed service instead.

Like a lobster shell, security has layers — review code before you run it.
