Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Gateway

v1.0.0

Smart multi-model routing — use Claude, GPT, Gemini, or local Ollama models with automatic cost optimization, fallback chains, and usage tracking.

by Blossom @mackding
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims a full-featured multi-model gateway (routing, cost optimization, health checks, OpenAI-compatible API), but the repository only contains a short wrapper script that prints messages and a SKILL.md that instructs the user to run an external npm package (npx @claws-shield/cli). There is no code implementing the gateway included in the skill bundle and no homepage or repository URL to verify the upstream project.
Instruction Scope
SKILL.md instructs the agent/user to run 'npx @claws-shield/cli gateway --port 8787' or to run the included node script. The included script does not start a server; it only prints messages. The instructions also ask for provider API keys (ANTHROPIC_API_KEY, OPENAI_API_KEY, GEMINI_API_KEY) and assert 'privacy: never phones home' — that claim cannot be verified from the provided files. The skill's runtime instructions therefore direct the agent to fetch and execute external code and to provide credentials that are not reflected in the declared metadata.
Install Mechanism
There is no install spec in the skill itself; instead the SKILL.md tells the user to run 'npx', which dynamically downloads and executes code from the npm registry. Running npx against an unknown package can execute arbitrary code on the host. Because the skill lacks a homepage, repo, or checksum for that package, the instruction to use npx is a medium-to-high risk action.
Credentials
The skill metadata declares no required environment variables, but SKILL.md requires ANTHROPIC_API_KEY, OPENAI_API_KEY, and GEMINI_API_KEY for its functionality. This is an explicit inconsistency: the skill requests sensitive credentials in instructions but does not list them in its declared requirements. Requesting multiple provider API keys is plausible for a gateway, but the omission from metadata and the lack of included code to justify how those keys are used is suspicious.
Persistence & Privilege
The skill is not marked 'always: true' and does not request elevated or persistent system-wide privileges. The included script does not modify system configuration. Autonomous invocation is allowed (default) but is not by itself a red flag here.
What to consider before installing
This skill is inconsistent: it advertises a local gateway but doesn't ship the gateway code and tells you to run 'npx @claws-shield/cli', which will fetch and execute code from npm. Before installing or running anything:
1) Ask the publisher for the upstream repository/homepage and a reproducible install artifact (repo URL, signed release, or package checksum).
2) Require the skill metadata to list the environment variables it needs (the SKILL.md references ANTHROPIC_API_KEY, OPENAI_API_KEY, GEMINI_API_KEY).
3) Audit the npm package contents (or prefer an alternative from a known source) and don't run npx on an unknown package on a production machine — run it in an isolated sandbox instead.
4) If you must provide API keys, apply least privilege and monitor usage (rotate keys after testing).
5) If the vendor claims 'never phones home', ask for source code or network logs to verify; absence of local gateway code in the skill bundle makes that claim unverifiable.

Like a lobster shell, security has layers — review code before you run it.

latestvk97axcyks6ak6zh5azdyrf6h69840fd7

