Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Turso

v1.0.0

Manage Turso SQLite databases via CLI - databases, groups, tokens, replicas. Use when user mentions 'turso', 'libsql', 'sqlite edge', or wants to manage Turs...

by Melvyn (@melvynx)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description and the listed commands (db, group, org, plan, tokens) are coherent for a Turso CLI helper. The skill does not request unrelated credentials or config paths in metadata.
! Instruction Scope
SKILL.md instructs running installation and authentication commands and obtaining tokens (turso auth login; turso auth token). While these are expected for a CLI helper, the instructions include creating non-expiring tokens and retrieving auth tokens—sensitive operations that an agent could misuse or exfiltrate if given access.
! Install Mechanism
Although the frontmatter lists a brew install command, the Linux/WSL install guidance uses curl -sSfL https://get.tur.so/install.sh | bash which downloads and executes a remote script. Piping arbitrary install scripts to a shell is a high-risk pattern (remote arbitrary code execution). The registry metadata had no formal install spec despite the SKILL.md containing installation instructions, which is an inconsistency to note.
Credentials
The skill declares no environment variables or credentials in metadata (proportionate). However, its runtime instructions explicitly direct the user/agent to obtain auth tokens and even create non-expiring tokens—these are sensitive secrets and creation of long-lived tokens increases risk. The skill does not justify why non-expiring tokens would be necessary.
Persistence & Privilege
The skill is not marked always:true and does not request any persistent system-wide privileges in metadata. It is user-invocable only, which limits autonomous persistent presence.
What to consider before installing
This instruction-only skill looks functionally correct for managing Turso, but exercise caution before installing or running its commands:
- Avoid running curl ... | bash from unknown hosts. Prefer package managers (brew) or verified release binaries (official GitHub releases) and inspect install scripts before executing.
- Be careful with auth tokens: do not create or expose non-expiring tokens unless strictly necessary; treat tokens as secrets and store them securely.
- Because this skill is instruction-only (no code to audit), the SKILL.md is the only guidance — a malicious installer or accidental exfiltration via token commands is possible. If you plan to use this with an autonomous agent, restrict the agent’s ability to run shell commands and to access secrets, and consider installing the Turso CLI manually on hosts you control before allowing the agent to use the skill.
- If you need higher assurance, ask the skill author for a formal install spec (trusted release URLs) or a signed installer and for justification for non-expiring tokens.
