Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Clawhub
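v1.6.0 · ClawBrain v1.6: a more accurate, more stable large model that understands you better the more you use it. Memory system + data fidelity + automatic fault tolerance + output verification. Ranked first in a 21-scenario evaluation.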
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to provide orchestration, memory, error-recovery and output verification for OpenClaw and the SKILL.md content consistently describes wiring OpenClaw to a ClawBrain backend (api.factorhub.cn / clawbrain.dev). That purpose matches the actions described (editing OpenClaw config, calling model endpoints). However, some sub-skill files declare use of CLI exec/curl while the overall package metadata listed no required binaries or credentials — a mild mismatch between declared requirements and the actual instructions.
Instruction Scope
The runtime instructions direct you to edit ~/.openclaw/openclaw.json to paste an API key and to restart the gateway, and several subskills include command-dispatch: exec with curl calls to external endpoints (e.g., api.factorhub.cn). The skill also tells you to run 'clawhub install' (an external installer). These actions involve storing and using credentials and making network requests to third-party services; the top-level metadata did not declare a primary credential or that network access/CLI usage would be needed.
Install Mechanism
There is no formal install spec (instruction-only), which is lowest-risk in isolation. But the docs recommend running 'clawhub install clawbrain-boost' and restarting the gateway — those steps will fetch and install components outside this package and are not further described here. Because the skill points users at an external installer and dashboard, you should inspect what 'clawhub install' actually downloads before running it.
Credentials
The package metadata declares no required environment variables or primary credential, yet instructions tell users to obtain an API Key from clawbrain.dev and paste it into ~/.openclaw/openclaw.json; subskills demonstrate curl calls using 'Authorization: Bearer YOUR_KEY'. That mismatch (no declared credential while instructing credential storage/use) reduces transparency. Also, the skill references external domains (api.factorhub.cn, clawbrain.dev) — storing your API key for those services should be a deliberate trust decision.
Persistence & Privilege
always is false and the skill is user-invocable; there is no request for permanent/global privileges in the manifest. The package does instruct editing the user's OpenClaw config and restarting the gateway — normal for a model integration — but those are user-driven actions, not automatic persistence requested by the skill itself.
What to consider before installing
This skill appears to be an adapter that wires OpenClaw to a third‑party ClawBrain service. Before installing: (1) Verify the external endpoints (api.factorhub.cn and clawbrain.dev) and the linked GitHub repo yourself — don't blindly paste your API key. (2) Inspect what 'clawhub install' will download/run (it is not included here). (3) Consider creating a limited/test API key (or usage-limited account) rather than your primary key. (4) Be aware some included subskills expect the curl binary and will make outbound requests; decide whether you trust the provider with the data and keys that will be sent. If you want, provide the actual 'clawhub' installer source or the clawbrain repo link for a deeper review — that would raise confidence and could change this assessment.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
🧠 Clawdis
