Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
ClawStatus Dashboard (v2.4.0)
Install, update, run, and verify the public ClawStatus dashboard from GitHub. Use when an agent needs to deploy ClawStatus locally or on a LAN host, refresh...
by Never (@neverchenx)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The SKILL.md and included script do what the name/description promise (clone the public ClawStatus repo, install it, and verify the web UI). However the package metadata declares no required binaries or env vars while the instructions/scripts rely on git, python3/pip, curl, and optionally systemctl/xdg-open. That metadata omission is inconsistent.
Instruction Scope
Instructions tell the agent to clone a repo, run `python3 -m pip install -e`, and interact with systemd and curl. The install script reads an optional `REPO_URL` environment variable (not declared in metadata), meaning the source can be overridden at install time. Installing unreviewed Python code can run arbitrary code during install, and the instructions give broad discretion to change the install source via the environment.
Install Mechanism
No formal install spec (instruction-only) and the script clones from GitHub (an expected source). The risk comes from `python3 -m pip install --user --break-system-packages -e "$TARGET_DIR"`: editable installs execute package build/install logic and `--break-system-packages` weakens protections. Cloning from GitHub is reasonable, but installing code from an unreviewed repo is potentially dangerous.
Credentials
The skill declares no required env vars, but the script consults `REPO_URL` if set. That environment access is not documented in metadata or SKILL.md. There are no credential requests, which is proportional, but the undisclosed `REPO_URL` override is a notable gap.
Persistence & Privilege
The skill does not request `always: true` and doesn't attempt system-wide changes in the manifest. However, the pip editable install creates a persistent Python package in the user's environment and may run code on import or during install — this is normal for an installation, but it increases the persistent footprint and the risk if the source is untrusted.
What to consider before installing
This skill is coherent in purpose (it clones and installs the dashboard) but has a few red flags you should consider before installing: (1) The script requires git, python3/pip, curl and optionally systemctl/xdg-open, but the metadata doesn't declare them — ensure your environment has the right tools. (2) The install runs `pip install -e` from the cloned repo; that step can execute arbitrary code at build/install time. Only install if you trust the GitHub repo; review its contents (setup/build scripts, service files) first. (3) The script accepts a `REPO_URL` env var (not documented); avoid setting it to an untrusted location. (4) Prefer testing inside a disposable VM, container, or a non-privileged user account, and inspect/validate any systemd service files before enabling or restarting services.
Latest version id: vk97bgcxcz0n31h0ttd7sz1z1zh82wmkx
