Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Vaultwarden Secrets

v1.0.1

Manage Vaultwarden secrets with wrapper scripts for session handling, caching, logging, and scoped read/write operations in collections or personal vaults.

0· 33·0 current·0 all-time
by Morten Bojer (@mbojer)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill claims to manage Vaultwarden secrets and the scripts do that, but the package metadata declares no required binaries or environment variables, while SKILL.md and the scripts require the Bitwarden CLI (bw), jq, and BW_CLIENTID/BW_CLIENTSECRET/BW_PASSWORD plus optional VW_* env vars. The metadata omission is an inconsistency: a user installing this skill would legitimately need bw, jq and the listed env vars, and the registry gives no warning of that.
Instruction Scope
Runtime instructions and scripts are narrowly scoped to call the bw CLI and jq and to read/write session, cache, and log files under $VW_SESSION_DIR and $VW_LOG_FILE. The scripts contain no obvious network calls beyond bw itself (which talks to the configured Vaultwarden server). However, SKILL.md uses a specific server URL (https://vaultwarden.mbojer.dk) as its example; make sure you configure your intended server rather than copying the example. The scripts also write logs (item names/IDs and operation outcomes) and session tokens to disk, which is expected for this purpose, but the location and permissions of those files determine who else can read a live session token or the log.
Install Mechanism
This is instruction-only (no install spec), but SKILL.md instructs users to globally install a pinned bw CLI via npm (npm install -g @bitwarden/cli@2023.10.0). The scripts also require jq, but neither SKILL.md nor the registry metadata declares jq as a prerequisite. The missing dependency declarations and the instruction to install a specific, older CLI version are mismatches that users should validate before following.
Credentials
The skill requires sensitive env vars (BW_CLIENTID, BW_CLIENTSECRET, BW_PASSWORD), which are proportionate to logging in to and unlocking Vaultwarden, but the registry metadata lists no required env vars, an inconsistency. The default session and log paths (/run/openclaw/vw, /var/log/openclaw/vaultwarden.log) may require elevated permissions to create and could expose metadata (item names, IDs, operation outcomes) if the log file is not properly protected. The number of env vars is reasonable for the stated purpose, but they must be handled securely.
Persistence & Privilege
The skill is user-invocable, not always-enabled, and allows normal autonomous invocation. It stores session tokens and caches in its own session directory and does not modify other skills or global agent configuration. No excessive persistence privileges are requested.
What to consider before installing
This skill appears to implement the advertised Vaultwarden wrappers, but the registry metadata and SKILL.md disagree: the scripts require the Bitwarden CLI (bw) and jq plus sensitive env vars (BW_CLIENTID, BW_CLIENTSECRET, BW_PASSWORD) even though the registry lists none. Before installing:
1) Verify and accept installing/using the bw CLI (SKILL.md pins the older version 2023.10.0) and install jq.
2) Do not supply your real secrets until you have confirmed the server URL and reviewed the scripts: they write session tokens and logs to disk (defaults: /run/openclaw/vw and /var/log/openclaw/vaultwarden.log). Point VW_SESSION_DIR and VW_LOG_FILE at secure locations if needed and restrict the log file's permissions.
3) Test in a non-production environment and audit that the logs do not contain secret values.
4) Ask the publisher to update the registry metadata to list the required binaries and environment variables; the current mismatch is a red flag.
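The checks above, written out as a shell pre-flight you can run before handing the skill any real credentials. This is an added example, not code from the skill or from this scan report: it confirms bw and jq are on PATH, compares the installed CLI version against the pinned 2023.10.0 using bw's --version flag, confirms the BW_* variables are set without echoing their values, creates VW_SESSION_DIR and VW_LOG_FILE (defaulting to the paths the report names) with owner-only permissions, and scans the log for the literal values of the secret variables. The function names and the sample log lines are this example's own assumptions.

```shell
#!/usr/bin/env sh
# Added pre-flight helpers for the Vaultwarden Secrets skill (example code,
# not the skill's own scripts). Assumes the variable names and default paths
# listed in the scan report; the function names are this example's own.

# Return 0 if every named binary is on PATH; print the missing ones to stderr.
vw_check_binaries() {
  missing=0
  for bin in "$@"; do
    if ! command -v "$bin" >/dev/null 2>&1; then
      echo "missing binary: $bin" >&2
      missing=1
    fi
  done
  return $missing
}

# Return 0 if "$cmd --version" prints exactly the expected version string.
# Intended use: vw_check_version bw 2023.10.0
vw_check_version() {
  cmd=$1; expected=$2
  actual=$("$cmd" --version 2>/dev/null | tr -d '[:space:]')
  if [ "$actual" != "$expected" ]; then
    echo "$cmd version '$actual', expected $expected" >&2
    return 1
  fi
}

# Return 0 if every named environment variable is set and non-empty.
# Only the names are printed, never the values.
vw_check_env() {
  missing=0
  for name in "$@"; do
    case $name in *[!A-Za-z0-9_]*) echo "bad name: $name" >&2; return 1 ;; esac
    eval "value=\${$name:-}"
    if [ -z "$value" ]; then
      echo "unset or empty: $name" >&2
      missing=1
    fi
  done
  return $missing
}

# Create the session directory (0700) and log file (0600) for the current user
# so that stored session tokens and operation logs are not readable by others.
vw_prepare_paths() {
  dir=$1; log=$2
  ( umask 077 && mkdir -p "$dir" && : >>"$log" ) || return 1
  chmod 700 "$dir" && chmod 600 "$log"
}

# Return 0 if a path's mode grants nothing to group or other.
vw_perms_tight() {
  mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1") || return 1
  case $mode in
    700|600|500|400) return 0 ;;
    *) echo "loose permissions on $1: $mode" >&2; return 1 ;;
  esac
}

# Scan a log file for the literal values of the named secret variables.
# Return 1 (printing the variable name, never the value) if any appears.
vw_audit_log() {
  log=$1; shift
  leaked=0
  for name in "$@"; do
    case $name in *[!A-Za-z0-9_]*) echo "bad name: $name" >&2; return 1 ;; esac
    eval "value=\${$name:-}"
    [ -n "$value" ] || continue
    if grep -qF -- "$value" "$log"; then
      echo "LEAK: value of $name appears in $log" >&2
      leaked=1
    fi
  done
  return $leaked
}

# Full pre-flight mirroring the report's checks; stops at the first failure.
vw_preflight() {
  sdir=${VW_SESSION_DIR:-/run/openclaw/vw}
  lfile=${VW_LOG_FILE:-/var/log/openclaw/vaultwarden.log}
  vw_check_binaries bw jq &&
  vw_check_version bw 2023.10.0 &&
  vw_check_env BW_CLIENTID BW_CLIENTSECRET BW_PASSWORD &&
  vw_prepare_paths "$sdir" "$lfile" &&
  vw_perms_tight "$sdir" && vw_perms_tight "$lfile" &&
  vw_audit_log "$lfile" BW_CLIENTSECRET BW_PASSWORD
}
```

Run vw_preflight once with VW_SESSION_DIR and VW_LOG_FILE pointed at locations you control, before the first real invocation; rerun vw_audit_log after a test session to confirm the wrappers logged only names, IDs and outcomes. The audit only catches secret values written verbatim, so it complements, rather than replaces, reading the scripts' logging statements.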

Like a lobster shell, security has layers — review code before you run it.

latest: vk97a0tvnq635pn5hp09aqf2bsn845pq5

