ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Noise Maker

v1.0.0

Aggregates and filters webhook alerts from multiple sources, correlates incidents by host, and escalates critical events via Telegram with rate limiting and...

0· 50·0 current·0 all-time
byMorten Bojer@mbojer
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The name/description and SKILL.md consistently describe an alert gateway that requires database credentials, Telegram credentials, HMAC secrets, and ability to bind a network endpoint (port 8090). However the registry metadata declares no required env vars, no binaries, and no install steps. That mismatch (describing heavy external integrations but requesting nothing) is incoherent and should be clarified.
!
Instruction Scope
Although this is an instruction-only skill (planning doc), the runtime design specifies reading/writing system paths (/opt/alert-gateway/buffer/, /opt/alert-gateway/cache/targets.json), storing raw alerts to a DB, writing startup-check.json into ~/.openclaw/skills/noise-maker/, and injecting a before_agent_start one-liner into agent context. Those are broad actions that go beyond simple in-skill operations and could change agent startup behavior and system state.
Install Mechanism
No install spec is included (low install surface). However the SKILL.md plans a Python/FastAPI service, Caddy route, and on-host buffers — implementation will require installation and elevated deployment steps on MB-OPENCLAW. The lack of an explicit install mechanism or verified release/source is a missing piece that increases risk because the actual code/install process is undefined.
!
Credentials
The architecture clearly requires secrets: DB credentials for MB-PGDB, Telegram API token(s), HMAC secrets per source, and potentially SSH/OS privileges to write /opt and ~/.openclaw paths. Yet the published metadata lists no required environment variables or primary credential. That discrepancy means the skill as published is incomplete and would later request sensitive credentials without prior disclosure.
Persistence & Privilege
always:false (good). But the design explicitly writes files under the skill directory and installs a before_agent_start hook that can inject context at agent startup. Writing self-owned files is normal, but injecting startup behavior and writing to /opt are persistence/privilege actions that should be reviewed and limited to least privilege.
What to consider before installing
This SKILL.md is a detailed design/plan, not an implemented skill. Before installing or running anything labeled 'noise-maker': - Ask the publisher for the implementation artifacts: a public code repository or packaged release, an explicit install script, and a list of exact env vars the implementation will require (DB_HOST/USER/PASS, TELEGRAM_TOKEN, HMAC secrets, etc.). - Do not provide credentials (DB, Telegram, HMAC secrets) until you can review the code and confirm secure secret handling (no plaintext storage, proper permissions, encryption at rest). - Confirm what files the skill will write and where (skill dir vs /opt). Prefer running the gateway on an isolated host/container rather than on your OpenClaw controller to limit blast radius. - Review any startup hook injection: get the exact hook content and rationale. Reject any opaque or remote-fetched code executed at agent startup. - Require least privilege: the gateway should only have access to the DB and tokens it needs; prefer scoped tokens and DB users with minimal rights. - If you must test, run it in an isolated environment (separate VM/container) with no production DB/credentials and with network access restricted. Because metadata currently lists no credentials or install steps while the design calls for many sensitive resources, treat this package as incomplete and verify the missing details before proceeding.

Like a lobster shell, security has layers — review code before you run it.

latestvk9719q8b22kyskha5fswpwxpch84b2g4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments