Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Api Gateway
v1.0.0 · Universal gateway for APIs. Connects any REST/GraphQL API with simple configuration. Manages authentication, rate limiting, and caching.
by Miguel Guerra @miguelguerra200022-sudo
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (universal API gateway with auth, rate limiting, caching) matches the instructions and examples. The SKILL.md shows appropriate features (endpoints, auth types, caching, rate limiting), so the claimed capability is generally coherent with the described functionality.
Instruction Scope
Instructions focus on configuring APIs via YAML and calling external endpoints (api add, api call, api get/post, logs, stats). They reference reading config files (e.g., apis/weather.yaml) and environment variable substitution (${WEATHER_API_KEY}). The instructions do not explicitly tell the agent to read unrelated system files, but they implicitly require access to user-provided config files and environment variables that are not declared in the skill metadata.
Install Mechanism
This is an instruction-only skill with no install spec and no code files; nothing is written to disk by the skill itself. That is the lowest-risk install mechanism.
Credentials
SKILL.md references multiple service credentials (WEATHER_API_KEY, GITHUB_TOKEN, SLACK_TOKEN, NOTION_API_KEY, DISCORD_TOKEN) and uses environment variable substitution in examples, but the skill's registry metadata declares no required env vars or primary credential. This mismatch is disproportionate and unclear: the skill implies it will need secret tokens for various third-party APIs but does not state how they will be provided, scoped, or stored.
Persistence & Privilege
The skill is not marked always:true, has no install step requesting persistent system changes, and does not request config paths or modify other skills. Autonomous invocation is allowed (default), which is normal, but this combined with the credential ambiguity increases risk.
What to consider before installing
This skill appears to be a documentation-only API gateway configuration guide, which is fine in principle, but it references many API tokens and YAML config files without declaring how those secrets are supplied or protected. Before installing or enabling this skill: (1) ask the publisher where config files and credentials are stored and who can access them; (2) require explicit, minimal environment variables only for the APIs you actually use (avoid placing broad tokens in a shared env); (3) run it in a restricted/sandboxed agent context if agents will call external APIs autonomously; and (4) verify logging and 'api logs' behavior so sensitive responses or tokens are not written to an unprotected log. If the publisher cannot explain where credentials are kept and how they are scoped, treat the skill as higher risk.
Like a lobster shell, security has layers — review code before you run it.
latestvk97527eyaejvxxpzs6xw4hsq598207f7
Runtime requirements
🔌 Clawdis
