Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Exa Cli

v0.1.0

Manage Exa AI via CLI - search, contents, answer, context. Use when user mentions 'exa', 'web search', 'find similar pages', 'ai answer', or wants to interac...

0 · 222 · 0 current · 0 all-time
by Melvyn (@melvynx)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Suspicious
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name, description, and the listed commands in SKILL.md consistently describe a CLI wrapper for Exa search/answer/context functionality. No unrelated services, credentials, or binaries are requested in the metadata.
Instruction Scope
SKILL.md instructs the agent to install and run exa-cli and to set an auth token. The instructions do not ask the agent to read unrelated system files, other credentials, or user data, but they do instruct the agent to execute installers, link ~/.local/bin into PATH, and use an auth token (sensitive). The doc does not say where the token comes from or what scope it needs.
Install Mechanism
Although there is no formal install spec, the instructions tell the user/agent to run remote installers: `curl -fsSL https://bun.sh/install | bash` (piping a remote script to a shell) and `npx api2cli install Melvynx/exa-cli` / `npx api2cli bundle exa`. These steps download and execute code from external sources at runtime and can run arbitrary code on the host; this increases risk, and the fetched scripts and packages should be reviewed before they are run.
Credentials
The skill metadata requests no environment variables or credentials, which is proportionate. However, the runtime instructions require calling `exa-cli auth set "your-token"`, meaning the user must provide a token. The skill does not declare how the token is obtained, what scope it requires, or how it should be stored securely; the token is sensitive and needs justification.
Persistence & Privilege
`always` is false (good). The `api2cli link` step modifies the user's PATH (e.g., by adding ~/.local/bin), which is a persistent change to shell configuration. Other than that, the skill does not request elevated permissions or a permanent background presence.
What to consider before installing
This skill appears to do what it claims (control Exa via its CLI), but SKILL.md asks you to download and execute remote installers (via curl|bash and npx). Those commands can run arbitrary code on your machine. Before installing, verify the upstream sources (Melvynx/exa-cli, api2cli, bun.sh): inspect their repositories and installer scripts, confirm HTTPS URLs and signatures where available, and prefer installing in a sandbox/container or a throwaway environment first. Treat the auth token as sensitive: find out where to obtain it and what scopes it grants, and avoid pasting it into a shared shell history or storing it in plain text. If you cannot review the installer code or confirm the package maintainers, do not run the curl|bash installer on production systems.
