Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Clawd Modifier
v1.0.0Modify Clawd, the Claude Code mascot. Use this skill when users want to customize Clawd's appearance in their Claude Code CLI, including changing colors (blue Clawd, green Clawd, holiday themes), adding features (arms, hats, accessories), or creating custom ASCII art variants. Triggers include "change Clawd color", "give Clawd arms", "customize the mascot", "modify Clawd", "make Clawd [color]", or any request to personalize the Claude Code terminal mascot.
⭐ 2· 2.1k·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description (modify Clawd appearance) aligns with the provided scripts and references: patch_color.py and patch_art.py edit cli.js to change colors and ASCII art, extract_clawd.py extracts the current art, and assets/references document the expected patterns and locations.
Instruction Scope
Runtime instructions explicitly tell the agent/user to locate and edit /opt/node22/lib/node_modules/@anthropic-ai/claude-code/cli.js (and provide grep/sed examples). That scope is appropriate for the stated purpose but broad: scripts read/write system-wide package locations and the SKILL.md encourages manual sed edits. The instructions do not attempt to exfiltrate data or call external endpoints, but they grant broad discretion to modify application code and instruct using shell commands that can be destructive if misapplied.
Install Mechanism
There is no install spec and all code to run is bundled in the skill (Python scripts and reference files). No remote downloads, package manager installs, or extracted archives are used, which reduces supply-chain risk. The script bundle will be executed on-host by the agent or user, so review before running is still required.
Credentials
The skill requests no credentials or environment variables, which is proportionate, but it accesses and modifies system paths (multiple candidate cli.js and binary locations under /opt, /usr/local, user home dirs). Modifying files in these locations typically requires elevated privileges and can affect the application's integrity and updates (the SKILL.md notes npm update will overwrite changes). The ability to edit compiled binaries (patch_binary.py) amplifies risk if search/replace patterns mismatch.
Persistence & Privilege
The scripts perform persistent, on-disk changes: they write backups and then overwrite cli.js or binaries. While the skill does not set always:true or change other skills' configs, binary/cli modifications are persistent across restarts and package updates and can break update integrity or introduce unexpected behavior. patch_binary.py carries particularly high persistence and privilege implications.
What to consider before installing
This skill does what it says (edits the Claude Code CLI mascot), but it modifies installed application files — including an option to patch compiled binaries — which is potentially dangerous. Before using: 1) Verify the skill's source and trustworthiness; avoid running unknown scripts as root. 2) Inspect the scripts yourself (they're included) and prefer patch_color.py / patch_art.py that edit cli.js over patch_binary.py unless you fully understand the binary format. 3) Always create and verify backups; test in an isolated VM/container or a non-production account. 4) Use the --dry-run flags where available and confirm the exact target path (do not rely on defaults). 5) Be aware npm updates will overwrite these changes; consider maintaining local patches or forking the package instead of in-place edits. If you are not comfortable with manual file and binary patching, do not install/run this skill.Like a lobster shell, security has layers — review code before you run it.
latestvk97b0ncdccq08y0b0v1nw02dr17yw0yt
License
MIT-0
Free to use, modify, and redistribute. No attribution required.