qapten essential tools
v1.4.6
Closed catalogue of pre-audited npm and pip packages, installable on demand with pinned versions and --ignore-scripts by default. Used when the user...
by @mikiane
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
medium confidence
Purpose & Capability
The name and description promise a curated catalogue for npm and pip packages. The declared requirements (npm and pip binaries) and the instructions (npm/pip install commands with pinned versions) match that purpose and are proportionate.
Instruction Scope
SKILL.md instructs the agent to run npm and pip installs from official registries, use --ignore-scripts by default, and only allow packages from the locked catalogue. There is a documented, explicit exception for sharp@0.33.5 which requires running install scripts with user confirmation. This exception is a documented deviation from the hardened default and is a legitimate functional need but increases runtime risk if the user confirms. The SKILL.md is truncated near the end (pip section), so I cannot verify whether additional instructions (e.g., telemetry, log uploads, or file reads) appear later.
Install Mechanism
This is an instruction-only skill with no install spec or code files, so nothing is written to disk by the skill itself. That is the lowest-risk install mechanism and appropriate for the claimed purpose.
Credentials
No environment variables, credentials, or config paths are requested. The required binaries (npm, pip) are reasonable for the task. The skill expects network egress to official registries (registry.npmjs.org, pypi.org, files.pythonhosted.org) which is proportional to installing packages.
Persistence & Privilege
The skill is not always-enabled and uses default model invocation semantics. It does not request system-level persistence or modifications to other skills' configs; this aligns with expected privileges for an on-demand installer.
Assessment
This skill appears coherent for a curated package installer, but take these precautions before enabling it:
1) Run it only in an isolated, ephemeral container (sandbox) because npm/pip installs download third-party code;
2) Enforce the egress allowlist to the registries listed by the skill so installs cannot reach arbitrary domains;
3) Be aware of the documented exception (sharp@0.33.5) which requires running install scripts—the agent will request explicit confirmation for that, and you should review and approve only if you trust the build process;
4) Prefer the hardened pip mode (requirements-locked.txt with hashes) if you need stronger integrity guarantees;
5) Ask the maintainer or request the complete SKILL.md (the provided file is truncated) before installing — the missing content could contain additional instructions or behaviors that would change this assessment.
Like a lobster shell, security has layers — review code before you run it.
latest vk974k30hnrn1wkth4tn20wntp5851mbp
Runtime requirements
OS: Linux
Bins: npm, pip
