Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Clawmobile Skill
v1.0.1 · ClawMobile: a complete Android automation toolkit, deeply integrated with AutoX.js. It provides workflow management, task recording, AI-driven intervention, a membership system, HTTP API communication and other features, and supports automated testing, RPA process automation, mobile-app interaction and similar scenarios. Intended uses: automated testing, batch operations, workflow recording and playback, unattended tasks, mobile-app RPA.
⭐ 0 · 53 · 0 current · 0 all-time
by sundayplus@miyan1221
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description describe an AutoX.js-based Android automation toolkit. Required binaries (adb, python3, curl) and required env vars (CLAWMOBILE_API_URL, CLAWMOBILE_API_TOKEN) are consistent with that purpose. However, SKILL.md lists a repository URL while the skill metadata shows 'Source: unknown' and no homepage — repository/source mismatch is suspicious and should be verified.
Instruction Scope
SKILL.md instructs the agent to install/clone, restart the gateway, and create .env files containing API URL/token — these are expected for this type of skill, but the packaged test/validation scripts reference files/modules that are not present in the file manifest (e.g., skill.membership, VERSION, docs), and some code snippets appear buggy (e.g., use of undefined start_time in api_server subroutines). The instructions and shipped scripts therefore go beyond a clean integration and may fail or behave unpredictably.
Install Mechanism
There is no formal install spec (instruction-only), which is lowest-risk insofar as nothing is auto-downloaded by the platform. SKILL.md suggests git clone / wget from public hosts (GitHub/Gitee) — those hosts are normal, but the clone URLs in docs contain placeholders (gitee.com/your-repo) and a different repository is referenced in multiple places. The presence of local setup/test/validate scripts means files will be executed locally if the user runs them; verify URLs and repository origin before running.
Credentials
The skill only requires CLAWMOBILE_API_URL and CLAWMOBILE_API_TOKEN, which is proportionate. However, config/settings.yaml contains a hardcoded default_token ('clawmobile-secret-token-change-in-production'), and the CHANGELOG claims 'No hardcoded secrets in code' — this is contradictory. Hardcoded default tokens in shipped config are a security risk and reduce trustworthiness; confirm there are no other embedded secrets and avoid using production credentials until verified.
Persistence & Privilege
The skill does not request 'always: true' and uses normal autonomous invocation settings. It does not declare system-wide config changes or elevated privileges beyond requiring ADB and network permissions for Android automation. Nothing in the package requests persistent platform-level inclusion.
What to consider before installing
Do not install or run this skill until you confirm its origin and fix the inconsistencies. Specifically:
- Verify the upstream repository and publisher (SKILL.md references GitHub/Gitee but metadata says source unknown). Only clone from a verified repository.
- Inspect and remove or rotate the hardcoded default token in config/settings.yaml before using; never use a production credential as CLAWMOBILE_API_TOKEN until you audit the code.
- Be cautious running the included setup/test/validate scripts: they will create files (.env), install Python packages, and attempt to run tests. Run them in a sandboxed environment (VM/container) and review scripts first.
- Note that test/validate scripts reference missing modules/files (skill.membership, VERSION, docs). This indicates the package may be incomplete or stale; expect runtime errors.
- If you must proceed, set CLAWMOBILE_API_URL to a local/test AutoX.js instance and use a throwaway token. Prefer manual code review (client.py, executor.py, api_server.py, models.py) to ensure no unexpected data exfiltration or hidden network endpoints.
If you want, I can: (a) scan the visible Python files for usage of environment variables and external network calls, (b) point out exact lines with the hardcoded token and other suspicious code, or (c) produce a checklist you can follow to safely test this skill in a sandbox.
Like a lobster shell, security has layers — review code before you run it.
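The checks the scan recommends (a hardcoded default token in config/settings.yaml, which environment variables the code reads, which network endpoints it contacts, and test scripts importing modules absent from the manifest) can all be run offline before anything is installed. The script below is an added example, not part of this page, ClawHub, or the ClawMobile project. `audit_package()` and `build_sample_package()` are hypothetical helpers; the directory and file contents the fixture creates are constructed to mimic the findings reported above, and `https://example.invalid/collect` is an invented endpoint standing in for whatever the real package might contact. Point `audit_package()` at a real checkout to audit it.

```python
"""Offline pre-install audit of a skill package directory.

Added example, not code from ClawHub or the ClawMobile project. It runs the
checks the scan recommends over a constructed fixture; the file names and
contents below are invented to mimic the reported findings.
"""
import re
import tempfile
from pathlib import Path

# Config keys that usually carry secrets, followed by a non-empty literal value.
SECRET_KEY_RE = re.compile(
    r'^\s*["\']?(\w*(?:token|secret|password|api_key)\w*)["\']?\s*[:=]\s*["\']?([^"\'\s#]+)',
    re.I)
# Environment variables read via os.environ[...], os.environ.get(...) or os.getenv(...).
ENV_RE = re.compile(r'os\.(?:environ(?:\.get)?|getenv)\s*[\[(]\s*["\'](\w+)["\']')
URL_RE = re.compile(r'https?://[\w.\-]+(?::\d+)?[^\s"\')]*')
IMPORT_RE = re.compile(r'^\s*(?:from\s+([\w.]+)\s+import|import\s+([\w.]+))', re.M)
LOCAL_HOSTS = ("127.0.0.1", "localhost", "0.0.0.0")
TEXT_SUFFIXES = {".py", ".yaml", ".yml", ".env", ".ini", ".toml", ".json", ".md", ".sh"}
CONFIG_SUFFIXES = {".yaml", ".yml", ".env", ".ini", ".toml", ".json"}


def is_external(url):
    """True unless the URL's host is loopback/unspecified (i.e. a local test instance)."""
    host = url.split("://", 1)[1].split("/", 1)[0].rsplit(":", 1)[0]
    return host not in LOCAL_HOSTS


def shipped_modules(root):
    """Dotted module names for every .py file and package actually in the manifest."""
    mods = set()
    for p in root.rglob("*.py"):
        parts = p.relative_to(root).with_suffix("").parts
        if parts[-1] == "__init__":
            parts = parts[:-1]
        if parts:
            mods.add(".".join(parts))
    return mods


def audit_package(root):
    """Return candidate secrets, env-var reads, external URLs and dangling local imports."""
    root = Path(root)
    mods = shipped_modules(root)
    tops = {m.split(".")[0] for m in mods}
    report = {"hardcoded_secrets": [], "env_vars": set(),
              "external_urls": set(), "missing_local_imports": []}
    for p in sorted(root.rglob("*")):
        suffix = p.suffix or p.name          # Path(".env").suffix is "", so fall back to the name
        if not p.is_file() or suffix not in TEXT_SUFFIXES:
            continue
        rel = p.relative_to(root).as_posix()
        text = p.read_text(errors="replace")
        report["external_urls"].update(u for u in URL_RE.findall(text) if is_external(u))
        if suffix in CONFIG_SUFFIXES:
            for lineno, line in enumerate(text.splitlines(), 1):
                m = SECRET_KEY_RE.match(line)
                # Skip null values and ${VAR}-style references; literals are the finding.
                if m and m.group(2).lower() not in ("null", "none", "~") and not m.group(2).startswith("$"):
                    report["hardcoded_secrets"].append((rel, lineno, m.group(1), m.group(2)))
        if suffix == ".py":
            report["env_vars"].update(ENV_RE.findall(text))
            for m in IMPORT_RE.finditer(text):
                mod = m.group(1) or m.group(2)
                # Flag imports rooted at a shipped package whose exact module is absent.
                if mod.split(".")[0] in tops and mod not in mods:
                    report["missing_local_imports"].append((rel, mod))
    return report


def build_sample_package():
    """Constructed fixture mimicking the scan findings; not the real package."""
    root = Path(tempfile.mkdtemp(prefix="skill-audit-"))
    (root / "config").mkdir()
    (root / "config" / "settings.yaml").write_text(
        "api:\n"
        "  base_url: http://127.0.0.1:8080\n"
        "  default_token: clawmobile-secret-token-change-in-production\n")
    (root / "skill").mkdir()
    (root / "skill" / "__init__.py").write_text("")
    (root / "skill" / "client.py").write_text(
        "import os\n"
        "API_URL = os.environ.get('CLAWMOBILE_API_URL', 'http://127.0.0.1:8080')\n"
        "TOKEN = os.getenv('CLAWMOBILE_API_TOKEN')\n"
        "REPORT_URL = 'https://example.invalid/collect'  # invented endpoint\n")
    (root / "tests").mkdir()
    (root / "tests" / "test_api.py").write_text(
        "from skill.client import API_URL\n"
        "from skill.membership import check_plan\n")   # membership.py is deliberately absent
    return root


if __name__ == "__main__":
    result = audit_package(build_sample_package())
    for key, items in result.items():
        print(f"{key}:")
        for item in sorted(items):
            print("   ", item)
```

Treat every entry as a lead to read, not a verdict: a config key named `token_env` holding the name of a variable will show up beside a real default token, and a URL built from string fragments will not show up at all. The dangling-import check only catches modules rooted at a package that ships in the manifest, which is exactly the `skill.membership` case the scan describes.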
latest: vk979qnyf85fdgsfew4wqn8cvqn8444g7
Runtime requirements
Bins: adb, python3, curl
Env: CLAWMOBILE_API_URL, CLAWMOBILE_API_TOKEN
