Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Mova Contract Discovery

v1.0.1

Browse, search, and run public MOVA contracts from the community marketplace. Trigger when the user asks to find a contract, discover available contracts, se...

0 · 39 · 0 current · 0 all-time
by Sergii Miasoiedov (@mova-compact)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md explicitly says this is an 'Ecosystem Skill' that "Requires the `openclaw-mova` plugin" and describes operations that run public contracts on behalf of the user's org. However, the skill metadata declares no dependencies, no required binaries, and no required environment variables or credentials. Running contracts and listing connectors plausibly requires platform/plugin-level auth or connectors; the omission of any declared dependency or credential is an incoherence.
Instruction Scope
The runtime instructions are narrowly scoped to: search (mova_discover_contracts), inspect, run (mova_run_contract), handle HITL (mova_hitl_decide), and check run status. They do not instruct reading unrelated files or exfiltrating data. They do rely entirely on external tools provided by the `openclaw-mova` plugin (tool calls are explicit).
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing will be written to disk by an installer. That's the lowest-risk installation model.
Credentials
The skill claims the ability to run contracts "on behalf of the user's org" and references checking "the contract's required connectors", yet it declares zero environment variables, credentials, or config paths. Either the platform or the undeclared `openclaw-mova` plugin must supply the authentication, but the skill metadata does not document this. Declaring no credentials or config for an action that normally requires auth is unexplained and out of proportion to the capability claimed.
Persistence & Privilege
always: false (the default) and there is no install step or persistence mechanism. The skill can be invoked autonomously by the agent (disable-model-invocation: false, the platform default); combined with the credential and permission gaps noted above, this makes it more important to verify how authentication is enforced, but the skill itself does not request elevated persistence.
What to consider before installing
Before installing or enabling this skill:
(1) Confirm that the 'openclaw-mova' plugin (or an equivalent provider of the mova_* tools) is actually required and available in your agent environment. The SKILL.md states this requirement, but the skill metadata does not declare it.
(2) Ask how authentication and org-scoped permissions are handled when running contracts: who supplies the org credentials, connectors, and consent, and where are tokens stored? The skill's ability to 'run contracts on behalf of the user's org' should map to a documented auth flow.
(3) Verify that the platform enforces the skill's own rule to confirm with the user before any run. Do not rely solely on prose in SKILL.md.
(4) If you plan to run contracts, start with non-production/test contracts and review audit logs and connector scopes.
(5) If the publisher or source is unknown, treat this as higher risk until you can confirm the dependency and auth model. The mismatch between declared metadata and SKILL.md leaves it uncertain how, and with what privileges, the skill will act.
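The metadata-versus-prose mismatch that the scan above flags by hand can be checked mechanically before a skill is enabled. The script below is an added example written for this page, not code from ClawHub, OpenClaw or the mova-compact skill: it reads a SKILL.md, parses a flat YAML-style frontmatter, and reports where the prose names a plugin, backticked tool calls, or org-level actions that the declared metadata never accounts for. The frontmatter keys `plugins` and `env`, the sample SKILL.md text, and the env var name `MOVA_ORG_TOKEN` are constructed assumptions for the example; the plugin and tool names are the ones this listing mentions.

```python
"""Cross-check a SKILL.md's frontmatter against the requirements its prose states.

Added example, not code from ClawHub or the skill's author. The frontmatter
schema (`plugins`, `env`, `always`, `disable-model-invocation`) and the sample
SKILL.md bodies are constructed for illustration; real skills may differ.
"""
import re

FRONTMATTER_RE = re.compile(r"\A---\n(.*?)\n---\n?(.*)\Z", re.S)
PLUGIN_RE = re.compile(r"[Rr]equires the `([^`]+)` plugin")
# Backticked snake_case identifiers are treated as tool calls (e.g. mova_run_contract).
TOOL_RE = re.compile(r"`([a-z][a-z0-9]*(?:_[a-z0-9]+)+)`")
AUTH_HINTS = ("on behalf of", "credential", "connector", "token", "api key")


def parse_frontmatter(text):
    """Minimal flat-YAML reader: `key: value`, inline lists `[a, b]`, booleans."""
    m = FRONTMATTER_RE.match(text)
    if not m:
        raise ValueError("no frontmatter block")
    meta = {}
    for line in m.group(1).splitlines():
        if ":" not in line or line.lstrip().startswith("#"):
            continue
        key, _, raw = line.partition(":")
        raw = raw.strip()
        if raw.startswith("[") and raw.endswith("]"):
            value = [v.strip().strip("'\"") for v in raw[1:-1].split(",") if v.strip()]
        elif raw.lower() in ("true", "false"):
            value = raw.lower() == "true"
        else:
            value = raw.strip("'\"")
        meta[key.strip()] = value
    return meta, m.group(2)


def audit_skill(text):
    """Return a list of incoherence findings; an empty list means prose and metadata agree."""
    meta, body = parse_frontmatter(text)
    findings = []
    declared_plugins = set(meta.get("plugins", []))
    declared_env = set(meta.get("env", []))
    lower = body.lower()

    # 1. Prose names a required plugin that the metadata never declares.
    for plugin in PLUGIN_RE.findall(body):
        if plugin not in declared_plugins:
            findings.append(f"prose requires plugin {plugin!r} but metadata declares "
                            f"plugins={sorted(declared_plugins)}")

    # 2. Prose drives external tools but nothing is declared to provide them.
    tools = sorted(set(TOOL_RE.findall(body)))
    if tools and not declared_plugins:
        findings.append(f"prose calls tools {tools} but no plugin is declared to provide them")

    # 3. Prose implies authenticated, org-scoped actions with no credentials declared.
    if any(h in lower for h in AUTH_HINTS) and not declared_env:
        findings.append("prose implies authenticated or org-scoped actions but metadata "
                        "declares no env/credentials")

    # 4. Autonomous invocation plus undeclared credentials: confirm the platform gates runs.
    if meta.get("disable-model-invocation") is False and tools and not declared_env:
        findings.append("agent may invoke this skill autonomously while it drives external "
                        "tools with undeclared credentials; confirm user confirmation is "
                        "enforced by the platform, not only by SKILL.md prose")
    return findings


# Constructed sample modelled on the mismatch described in the scan above.
INCOHERENT_SKILL = """---
name: contract-discovery
description: Browse, search, and run public contracts.
plugins: []
env: []
always: false
disable-model-invocation: false
---
# Ecosystem Skill

Requires the `openclaw-mova` plugin.

Use `mova_discover_contracts` to search, `mova_run_contract` to run a contract
on behalf of the user's org, and `mova_hitl_decide` for approvals. Check the
contract's required connectors before running. Always confirm with the user first.
"""

# The same skill with the metadata its prose implies (MOVA_ORG_TOKEN is a hypothetical name).
COHERENT_SKILL = (INCOHERENT_SKILL
                  .replace("plugins: []", "plugins: [openclaw-mova]")
                  .replace("env: []", "env: [MOVA_ORG_TOKEN]"))

if __name__ == "__main__":
    for label, skill in (("incoherent", INCOHERENT_SKILL), ("coherent", COHERENT_SKILL)):
        print(label, audit_skill(skill) or "no findings")
```

Running it reports four findings for the constructed skill that mirrors this listing and none once the plugin and credential are declared. The check is deliberately conservative: it flags only what the prose itself states, so a clean result says the metadata is consistent, not that the skill is safe.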


latest: vk97exswpfmd2s8210ebd870mys8426v6

