ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

GIGO · Lobster Local

v1.2.4

🦞 GIGO · gigo-lobster-local: 本地模式:跑完整评测,但不上云、不注册个人结果页,证书二维码回到官网首页。 Triggers: 本地试吃龙虾 / 离线试吃龙虾 / local lobster taste / offline lobster taste.

0· 62·1 current·1 all-time
byMengkun Liang@mengkunliang
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description: local-only benchmark. The codebase contains cloud-capable modules (GatewayClient, score_uploader, session_client, version_checker, task_fetcher) and will attempt remote checks unless explicitly run offline; this can be legitimate (a unified repo used for multiple modes), but it means the package is not strictly 'local-only'. The required binaries (python) and absence of required env vars are proportional to the stated purpose.
!
Instruction Scope
SKILL.md instructs the agent to run the wrapper and explicitly forbids 'inspect the whole repo' or switching to main.py, and it prescribes specific log-tail behavior and a single log path under ~/.openclaw/workspace. That reduces transparency and could hide unexpected behavior. It also instructs the agent to stay attached and monitor the process (15–25 minute runs) which is normal for long tasks but combined with the 'do not inspect' rule is concerning.
Install Mechanism
No install spec (instruction-only wrapper) and required Python packages are included in requirements.lock.txt; nothing is downloaded during install. This is lower install risk.
Credentials
The manifest declares no required credentials or config paths and only needs Python. However the code references environment variables (GIGO_REQUIRE_PNG_CERT, GIGO_GATEWAY_MOCK, GIGO_LOBSTER_NAME/TAGS, etc.) and will reach out to a gateway and cloud endpoints for version checks and task fetching unless --offline is used. No unrelated secret access is requested, but network access is implied and should be expected.
Persistence & Privilege
always:false and the skill does not request system-wide modifications. Checkpoints and outputs are written to the skill's workspace output directory as expected; no elevated persistence or cross-skill configuration changes are requested.
Scan Findings in Context
[unicode-control-chars] unexpected: A prompt-injection pattern was detected inside SKILL.md (unicode control characters). This can be used to manipulate agent behavior or evade simple scanners. The presence of explicit instructions that discourage repository inspection increases the relevance of this finding.
What to consider before installing
This skill is plausibly a legitimate local-only runner, but it contains cloud-capable code and explicit runtime instructions that tell the agent not to inspect the repo — a combination that reduces transparency. Before installing or running: (1) Inspect score_uploader.py, gateway_client.py, session_client.py, and version_checker.py to confirm they don't send sensitive data; (2) run the skill with --offline and/or in an isolated environment (container or VM) first; (3) run python main.py --doctor to see what network calls and missing deps are reported; (4) prefer run_local.py which sets upload-mode=local and auto-yes, but be aware version checks may still run unless you set --offline; (5) monitor outbound network connections while running, and review outputs under ~/.openclaw/workspace/outputs/gigo-lobster-local. If you are not comfortable auditing the code, run only in a sandboxed environment or avoid installing.
!
scripts/tasting_config.json:3
Install source points to URL shortener or raw IP.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.

Like a lobster shell, security has layers — review code before you run it.

latestvk97965bfma6fqaes6yx5ywam5d84x229

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🦞 Clawdis
OSmacOS · Linux · Windows
Any binpython3, python, py

Comments