Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Overledger
v1.0.2
Overledger integration. Manage data, records, and automate workflows. Use when the user wants to interact with Overledger data.
by Membrane Dev (@membranedev)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description claim an Overledger integration and the SKILL.md states it needs network access and a Membrane account, which is coherent at a high level. However, the registry lists no required credentials or config paths despite the account requirement, and the SKILL.md contains a very large, generic list of entities (ontology) that is far broader than an obvious minimal Overledger integration.
Instruction Scope
This is an instruction-only skill but the runtime doc is vague and appears to be a large, generic data model rather than precise step-by-step instructions. The skill references external endpoints (getmembrane.com, docs.quant.network). It does not declare exactly which API endpoints, which credentials or secrets will be used or whether the agent should send user data to third parties — granting the agent broad discretion increases risk.
Install Mechanism
No install spec and no code files are present, so nothing is downloaded or written to disk by the registry install process (lower risk).
Credentials
The skill advertises needing a Membrane account but the package metadata lists no required environment variables or primary credential. This is not necessarily malicious (the skill could prompt for credentials at runtime), but it is under-specified: users should know exactly which secrets/tokens will be requested and how they are handled.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request permanent/platform-wide privileges. Autonomous invocation is permitted by default (not flagged here) but combined with vague instructions it raises the need for caution at runtime.
What to consider before installing
This skill lacks concrete runtime details. Before installing or enabling it, ask the author: (1) exactly which API endpoints it will call and what data will be sent; (2) what credentials or tokens it requires, how you supply them, and whether they are stored; (3) whether it logs or transmits any unrelated local data; and (4) for a link to the source files or repository commit so you can review the exact instructions. If you must test it, do so with a limited/sandbox Membrane account and avoid providing high-privilege secrets until you verify behavior. If the maintainer cannot provide clear answers, treat the skill as higher risk and avoid installation.
Like a lobster shell, security has layers — review code before you run it.
latest: vk970j000mwj58sn56pmmykfabh842v31
