ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Clawhub Gomboc Security Main V0.2.0

v1.0.0

Automatically scan any codebase for security issues and generate deterministic, merge-ready fixes for continuous remediation via CLI, CI/CD, or agents.

0· 52·0 current·0 all-time
by@matthewsweeney
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The code and SKILL.md align with the stated purpose: a wrapper around a Gomboc GraphQL API to scan code and produce fixes. However the registry metadata claims 'Required env vars: none' while the documentation and CLI require a sensitive env var (GOMBOC_PAT). That metadata omission is an incoherence that could mislead users or automated approvals.
!
Instruction Scope
SKILL.md and the CLI instruct the agent to scan, generate, and optionally 'remediate' (commit/push) code. The CLI itself does not run local git operations — remediate calls an API mutation (applyFixes) and prints commit hashes returned from the server. It's unclear where commits/pushes actually happen (server-side using the token, or via the user's environment). The docs instruct running in CI (where runner git credentials exist) and also running an MCP server in Docker with the workspace mounted read-only — these behaviors conflict and should be clarified because they affect where code modifications occur and what credentials are needed.
Install Mechanism
No install spec; code is instruction-only plus small scripts that only use Python stdlib and Docker Compose. No external downloads or archive extraction are present in the package itself, which is low risk for local installation.
!
Credentials
The skill requires a sensitive bearer token (GOMBOC_PAT) for the API — that is expected for a remote scanning service. But the package metadata declares no required env vars (misleading). Additionally, remediation/auto-push semantics imply write access to repositories somewhere, but no repository credentials or details are requested or documented for where writes occur. This gap (missing declaration + unclear scope of where commit/push happen) is disproportionate and requires clarification.
Persistence & Privilege
The skill is not set to always:true and does not attempt to modify other skills or global agent config. It runs on-demand and is not persistently injected by metadata, which is appropriate.
Scan Findings in Context
[USES_ENV_GOMBOC_PAT] expected: The CLI reads GOMBOC_PAT from the environment and uses it as a Bearer token for api.app.gomboc.ai/graphql — expected for an API wrapper, but the registry metadata omitted this required env var.
[GRAPHQL_API_CALLS] expected: The code issues GraphQL queries/mutations (scan, generateFixes, applyFixes) to the remote API. This is consistent with the stated functionality; verify what rights the applyFixes mutation exercises on repositories.
[NETWORK_IO_URLLIB] expected: Use of urllib.request for network calls is expected. No obfuscated network endpoints were found; calls target https://api.app.gomboc.ai/graphql and docs reference app.gomboc.ai and docker image gombocai/mcp:latest.
What to consider before installing
Before installing or giving this skill a token: - Verify the GOMBOC_PAT requirement is intentionally missing from the registry metadata and ask the publisher to correct it. Treat the token as sensitive. - Understand where 'remediate' commits/pushes happen: the CLI calls applyFixes on the remote API, so ask the vendor how that mutation obtains repo push permissions (does Gomboc need a separate GitHub/GitLab token, or does it operate inside your CI runner?). Do not provide any repository write tokens until you confirm their usage model. - Run this skill in a safe, isolated repository first. Use 'scan' and 'fix' (inspect generated fixes) before enabling any auto-remediate or auto-push workflows. - Prefer scan-only CI runs or create PRs rather than allowing automatic pushes to protected branches; keep branch protection and mandatory PR review enabled. - Inspect the MCP Docker image (gombocai/mcp:latest) and the applyFixes server behavior if you plan to run it locally or on your network; ensure it cannot access secrets or write to workspaces unless you explicitly permit it. - If you need higher assurance, request the developer to: (1) declare GOMBOC_PAT in the package manifest, (2) document exactly where applyFixes writes commits and what credentials it uses, and (3) provide reproducible security audit artifacts or a source repository you can review. Confidence in this assessment is medium because the implementation is coherent with a legitimate remote remediation service, but the metadata omission and unclear commit/push semantics are non-trivial and should be resolved before trusting the skill with production repositories or credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk979waj8vxjeyx1x969jbzxhw583kxn3

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments