Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Openclaw Deploy
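v1.2.1
One-click packaging and deployment of an OpenClaw environment to any server. Automatically removes sensitive information; supports local/remote/batch deployment, conflict handling, SHA256 integrity verification, detailed logging, and a troubleshooting guide. Suited to OpenClaw environment migration, batch deployment, and team standardization.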
by MicRabbit (@lyx058019)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (one‑click package & deploy) align with required binaries (bash/tar/ssh) and the provided scripts (build/, deploy/, batch/). The repo clone URL and included scripts correspond to deployment functionality.
Instruction Scope
The SKILL.md and scripts will read from the user's HOME (~/.openclaw), copying workspace, memory, and skills into the package. The code only sanitizes a limited set of keys in openclaw.json; other files (workspace files, memory directory, skill code, .env files, or any other artifacts) are copied without broad scrubbing. That contradicts the SKILL.md claim of '自动移除敏感信息' (automatic removal of sensitive info) and could lead to unintended disclosure if the package is shared or uploaded.
Install Mechanism
No unusual install mechanism in registry metadata; SKILL.md's metadata instructs cloning from a GitHub repository (a common release host). The scripts do invoke standard external installers (e.g., get.docker.com) and use curl to fetch remote installers, which is expected for an automated deploy tool but is a standard-risk action that should be reviewed before running.
Credentials
The skill declares no required env vars, but scripts will read local paths (~/.openclaw, SSH keys referenced by inventory, $HOME/.ssh/known_hosts) and will use optional env (DEPLOY_URL) if present. Packaging and deployment actions access many user-local artifacts (workspace, memory, skills) that may contain credentials or PII; requiring no explicit credential inputs makes it easy to accidentally package and exfiltrate sensitive data. The sanitization scope is narrow (only specific keys in openclaw.json).
Persistence & Privilege
The skill does not request always:true, does not modify other skills' configs, and its install is instruction-only/clone-based. It will create or overwrite ~/.openclaw when installing packages, which is consistent with its function but should be noted by the user.
What to consider before installing
This skill appears to be a legitimate deploy/pack tool, but be cautious: it reads and packages files from ~/.openclaw (workspace, memory, skills) and only sanitizes a narrow set of keys in openclaw.json. Before installing or running:
(1) inspect the cloned repository (https://github.com/lyx058019/openclaw-deploy) yourself;
(2) run the scripts in a disposable VM or container first;
(3) review what will be included in a package (check the TEMP_DIR contents or run in dry-run/test mode);
(4) ensure sensitive files (secrets, .env, memory, skills with embedded tokens) are removed or excluded prior to packaging or use the custom builder --no-workspace/--no-skills options;
(5) verify SHA256 files before trusting downloaded packages and prefer local packages you built yourself;
(6) be aware the scripts may call external installers (get.docker.com) and will perform remote SSH operations if used with inventory — verify inventory and SSH behavior carefully.
If you need the claimed 'automatic sensitive removal' guarantee, ask the maintainer for exact sanitization rules or extend the scripts to scrub additional file types before use.
Like a lobster shell, security has layers — review code before you run it.
Tags: automation, bash, batch, deployment, devops, docker, infrastructure, latest, migration, openclaw, packaging
Runtime requirements
Bins: bash, tar, ssh
