Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Drive File Relay

v1.0.0

Copy (relay) a local file from this machine into Google Drive for desktop (GoogleDriveFS) so it can be downloaded from a phone when the phone is not on the s...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name and description (relay a local file into Google Drive for desktop) align with the instructions to detect a DriveFS mount, copy a file, and verify SHA256. Requesting no cloud credentials is proportionate because it relies on a locally-mounted Drive. Minor mismatch: the SKILL.md assumes Windows (G: drive, PowerShell) but the skill metadata has no OS restriction.
Instruction Scope
The SKILL.md limits actions to locating the DriveFS mount, copying the file, and verifying SHA256, which is in-scope. However it explicitly instructs running a PowerShell script with -ExecutionPolicy Bypass (scripts/drive_relay.ps1) but the bundle contains no script files. That implies the agent must find/run a script from the host or an external source — a gap that could lead to arbitrary code execution if resolved insecurely. The instructions also permit access to arbitrary local file paths (expected for the purpose) but this increases risk and should be constrained to user-approved paths.
Install Mechanism
There is no install spec and no files included (instruction-only), so nothing is written to disk by the skill itself. This is low install risk. However the SKILL.md's script invocation implies a dependency on an external script that is not provided—an operational inconsistency rather than an install mechanism in the package.
Credentials
No environment variables, credentials, or config paths are requested. This is proportionate: copying into a locally-mounted Drive does not require additional service credentials.
Persistence & Privilege
The skill is not marked always:true and uses default autonomous invocation settings. It does not request persistent presence or modify other skills' configurations.
What to consider before installing
This skill's purpose is reasonable, but the runtime instructions reference running 'scripts/drive_relay.ps1' with PowerShell -ExecutionPolicy Bypass while the package contains no script; that is the main red flag. Before installing/using:
1) Do not run anything that uses ExecutionPolicy Bypass without inspecting the script; require the exact script file and review its contents for unsafe behavior.
2) Ask the publisher for the missing scripts or provide your own trusted implementation; do not fetch and run a script from an unknown URL.
3) Restrict the skill to Windows hosts (it assumes G: and PowerShell) or update the metadata to avoid accidental runs on other OSes.
4) Limit which local paths the agent may access and require explicit user confirmation for each file to avoid accidental exfiltration of sensitive files.
5) Test with a small harmless file first.
If you cannot obtain and audit the referenced PowerShell script, treat this skill as incomplete and avoid enabling it.
