Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Bounty Hunter Pro

v1.0.0

Autonomous bug bounty hunting with scope safety. Scans targets for subdomains, secrets, vulnerabilities. Uses Certificate Transparency logs, JS analysis, ent...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (autonomous bug-hunting) aligns with the listed scanner/analyzer/alerter components and file layout. However, the SKILL.md references cloud LLMs (qwen2.5-coder, glm-5:cloud) and an OpenClaw message bus for alerts without declaring any credentials, endpoints, or requirements; that mismatch is unexpected for a self-contained scanner.
Instruction Scope
Instructions tell the agent to run network scans, parse JS for secrets, write findings to home-directory paths, and send alerts externally. Those actions are appropriate for a scanner, but the safety guard/code has an implementation gap: setup writes authorized patterns like "*.example.com" to ~/workspace/bounty_hunting/authorized_targets.txt while the provided is_authorized() checks the relative file "authorized_targets.txt" and uses literal endswith() matching — wildcard patterns ("*.example.com") won't match subdomains as intended. This creates a real risk the 'ALWAYS respects authorized targets' promise is broken. The SKILL.md also lacks details on where the tool zip files come from and how watchdog alerts are authenticated.
Install Mechanism
The skill is instruction-only (no install spec), so nothing is installed automatically — lower platform install risk. But the setup shows unzipping subfinder.zip, httpx.zip, nuclei.zip with no source URLs or hashes; that leaves an implicit step of downloading binaries from unspecified locations, which is high-risk if users follow instructions uncritically. The skill should declare trusted sources or package manager installs.
Credentials
No environment variables or credentials are declared, yet the analyzer references cloud-hosted LLMs and the alerter references the OpenClaw message bus — both ordinarily require API keys/authentication. The absence of declared credential requirements is an incoherence: either the skill expects local models (not stated) or it will silently require/attempt cloud credentials (not declared), which can lead to accidental data exfiltration or failed runs.
Persistence & Privilege
always:false and disable-model-invocation:false (normal). The SKILL.md suggests installing a user crontab entry to run nightly scans — that’s a user-actuated persistence suggestion rather than a forced platform-level privilege. Recommend not adding the cron until code/authorization checks are verified. No self-enabling/alteration of other skills is present.
What to consider before installing
Do not run or schedule this skill as-is. Before installing or executing:
1) Verify and fix the authorization logic — ensure wildcard rules (e.g., *.example.com) are parsed correctly and the code reads the same authorized_targets file path used in setup.
2) Require explicit, documented sources and integrity checks (URLs + checksums) for subfinder/httpx/nuclei binaries rather than unzipping unspecified zip files.
3) Clarify LLM usage: decide whether models run locally or in the cloud; if cloud, add explicit required environment variables (API keys) and document where data (findings/JS code) will be sent.
4) Inspect watchdog/alerter code and OpenClaw message-bus endpoints and authentication to ensure alerts cannot exfiltrate sensitive data.
5) Only add the cron job after the above are resolved and after confirming you have explicit legal authorization to scan the listed targets.
If you want, share the actual nightwatch.py / analyze_daemon.py / watchdog.py sources so I can re-evaluate the safety guard, I/O, and external calls more precisely.


latest: vk97bvbn4n1x3j88fknc6ee4p91828t26
