Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Craft CLI v1.6.2
Manage Craft documents via the craft CLI tool, supporting listing, searching, creating, updating, deleting, and exporting in JSON, table, or markdown formats.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, high confidence
Purpose & Capability
The skill claims to integrate with the Craft CLI. That purpose is plausible, but the package asserts the craft binary is included in documentation/README while no binary is present in the file manifest. SKILL.md and README reference a craft binary and provide installation instructions, yet the helper script expects the binary at $HOME/clawd/skills/craft-cli/craft while SKILL.md recommends /usr/local/bin/craft. The registry version (1.6.2) disagrees with SKILL.md (1.6.0) and the install example (v1.0.0). These inconsistencies mean the files provided do not cleanly align with the stated purpose.
Instruction Scope
Runtime instructions are narrowly focused on using the craft CLI (list/search/get/create/update/delete). They tell the agent how to install and configure an API URL and include helper commands. No instructions ask the agent to read or exfiltrate unrelated host files or environment variables. However, the SKILL.md and helper script embed two specific API URLs (wavedepth and personal), which are external endpoints and likely carry access tokens in the URL — that is a scope decision (using pre-authorized links) that may be unexpected for users.
Install Mechanism
There is no install spec in the skill bundle (instruction-only), which is lower risk. The SKILL.md suggests downloading a binary from a GitHub release (a known host) but the release tag in the example (v1.0.0) doesn't match the registry version. The example binary is darwin-arm64 only, yet the skill has no OS restriction. Overall the install instructions are plausible but inconsistent and could mislead users into running the wrong binary for their platform.
Credentials
The skill declares no required env vars or credentials, which is reasonable for a CLI wrapper. But it includes hard-coded API URLs in SKILL.md and in craft-helper.sh (WAVEDEPTH_API, PERSONAL_API). Those URLs likely embed access tokens/links to specific Craft spaces. Embedding pre-authorized links for a 'personal' space is disproportionate: users should be alerted that the skill will configure the CLI to point at third-party spaces and should verify if those links are intended or sensitive.
Persistence & Privilege
The skill does not request persistent agent privileges (always: false) and is user-invocable. It does not modify other skills' configurations. No elevated platform privileges are declared.
What to consider before installing
What to check before installing:
- Do not run the curl | chmod | sudo mv commands blindly. Verify the GitHub release URL and checksum for the binary that matches your OS/arch. The example downloads v1.0.0 darwin-arm64 but the skill registry lists v1.6.2 — confirm which binary you need.
- The package manifest does not include a craft binary even though README and SKILL.md mention one. Expect to supply or install the binary yourself via the official project releases.
- The helper script assumes the binary lives at ~/clawd/skills/craft-cli/craft; SKILL.md recommends /usr/local/bin/craft. Decide where you will place the binary and edit the helper script or PATH accordingly.
- The skill contains two hard-coded API URLs (wavedepth and personal). Those look like pre-authorized links and may grant access to remote documents owned by the skill author. If you do not want your CLI configured to use those endpoints, do not run the helper script and instead set your own API URL via 'craft config set-api <url>'.
- Prefer installing the craft CLI from the official repository and verifying signature/checksum. If you proceed, inspect the helper script (it's short and readable) and replace embedded API links with your own or remove them.
If you want, I can:
- extract and summarize all inconsistencies (versions, paths) in a short checklist you can present to the maintainer;
- show exactly what to edit in craft-helper.sh so it uses /usr/local/bin/craft or $PATH instead of a hard-coded $HOME path.
