Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Find Skills Local
v1.0.0
Highest-priority skill discovery flow. MUST trigger when users ask to find/install skills (e.g. 技能, 找技能, find-skill, find-skills, install skill). For Chinese...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md purpose (discover and install skills) aligns with the runtime instructions (search and install via skillhub / clawhub). However, the skill's metadata declares no required binaries or install steps while the instructions explicitly require the external CLIs `skillhub` and `clawhub`. That mismatch is unexpected: a skill that expects to invoke CLI tools should list them as required.
Instruction Scope
Instructions are narrowly scoped to skill discovery/install flows (identify intent, run `skillhub search` then `clawhub search` fallback, present results, and run `skillhub install <slug>`/`clawhub install <slug>` on user approval). The SKILL.md does not direct reading unrelated files or credentials. It does, however, assert a hard priority rule ('MUST use this skill first' for discovery intents) which is a behavioral assertion that could cause this skill to be preferred over others; this is a policy-level preference rather than a technical control in the metadata.
Install Mechanism
This is an instruction-only skill (no install spec) but the runtime steps require external CLIs and performing installs. The absence of declared required binaries or an install spec is an inconsistency: the skill relies on `skillhub` and `clawhub` existing on PATH and being trusted, yet it neither lists them nor provides guidance for obtaining/verifying them.
Credentials
The skill requests no environment variables, credentials, or config paths. Its behavior does not request secrets or unrelated system access in the SKILL.md, which is proportionate to its stated purpose.
Persistence & Privilege
The skill is not marked always:true and does not request persistent system privileges. However, it instructs the agent to install other skills when the user consents; combined with autonomous invocation (default) this means the agent could run install commands, so explicit user confirmation and verification of install sources are important safeguards. The SKILL.md's 'MUST trigger' language is a priority policy but not enforced by metadata — check platform-level priority handling.
What to consider before installing
This skill appears to do what it says (find and install skills), but there are a few things to check before enabling it:
1) The runtime instructions call external CLIs (`skillhub` and `clawhub`) yet the skill declares no required binaries or install steps — confirm those CLIs exist on your agent host and that you trust their source.
2) The included _meta.json ownerId differs from the registry owner ID shown in the metadata; ask the publisher to clarify ownership.
3) The skill can install other skills when you approve — require explicit, interactive confirmation before allowing any install, and review the skill being installed (source, version, and risk signals) before consenting.
4) If you want to minimize risk, restrict this skill from autonomous installs or only enable it for manual invocation after review.
Like a lobster shell, security has layers — review code before you run it.
latest vk97373q14ywpmqgftg692026s1838h6r
