Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Nex Vault

v1.0.0

Secure local contract and document vault for managing all business agreements and important documents with automatic expiration tracking and compliance alert...

1 · 24 · 0 current · 0 all-time
by Nex AI (@nexaiguy)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

Capability signals: Crypto (can make purchases). These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (local document vault + expiry alerts) matches the code: local SQLite storage, text/OCR extraction, clause parsing, cost tracking, and optional Telegram notifications. Required runtime binaries (python3, optionally pdftotext/tesseract) are appropriate for the stated purpose. One mismatch: the registry/SKILL.md list VAULT_TELEGRAM_TOKEN/VAULT_TELEGRAM_CHAT_ID whereas the code reads NEX_VAULT_TELEGRAM_BOT_TOKEN and NEX_VAULT_TELEGRAM_CHAT_ID (different names). Also the package is marked as 'instruction-only' yet includes source files and a setup.sh installer—an inconsistency in metadata but not necessarily malicious.
Instruction Scope
SKILL.md and README instruct running setup.sh, using the CLI, and optionally configuring Telegram tokens; runtime instructions stay within the vault's scope (creating a local DB, extracting text, sending alerts via Telegram). The instructions do not direct the collection or transmission of any system data beyond the Telegram notifications. The code references only local files (~/.nex-vault) and api.telegram.org for notifications.
Install Mechanism
There is no registry install spec but a shipped setup.sh is included. setup.sh creates a local venv, installs python-docx and Pillow from PyPI, initializes the DB, and installs a user-level symlink. It does not download arbitrary archives from unknown hosts. This is moderate-low risk but the presence of an installer when metadata claims 'instruction-only' is an inconsistency to be aware of.
Credentials
The skill only needs Telegram credentials for optional notifications, which is proportionate. However the declared required env vars (registry SKILL.md: VAULT_TELEGRAM_TOKEN and VAULT_TELEGRAM_CHAT_ID) do NOT match the variable names the code reads (NEX_VAULT_TELEGRAM_BOT_TOKEN and NEX_VAULT_TELEGRAM_CHAT_ID, with NEX_VAULT_DATA also optionally respected). This mismatch could cause confusion (users may set the wrong env vars) and indicates sloppy packaging. No other unrelated credentials are requested.
Persistence & Privilege
The skill does not request 'always: true' and uses normal local install behavior: it creates ~/.nex-vault, a Python venv there, and a user-level symlink in ~/.local/bin. It sets restrictive permissions on the data directory. It does not modify other skills or system-wide configs beyond user-local files. Autonomous invocation of the skill by an agent is allowed by default (platform behavior) but is not combined with broad credential requests here.
What to consider before installing
This package appears to implement the described local vault, but packaging inconsistencies mean you should verify before installing:

1) Confirm which environment variables the code actually reads — search for NEX_VAULT_TELEGRAM_BOT_TOKEN and NEX_VAULT_TELEGRAM_CHAT_ID (these are used by the code). Do not assume VAULT_TELEGRAM_* vars will be picked up.
2) Run setup.sh only in a controlled environment (a disposable VM, container, or dedicated user account) so the installer (venv, DB, symlink) cannot affect unrelated data.
3) Limit the Telegram bot token's scope and rotate it after testing; the tool sends messages to api.telegram.org only.
4) Inspect the included setup.sh and Python files yourself (they are plain text) — they do not contain obfuscated or network-exfiltration code beyond Telegram calls.
5) If you will store sensitive contracts, ensure filesystem backups and permissions are appropriate (the tool creates ~/.nex-vault and sets 700 on it on Unix).
6) If you need the skill to integrate with your environment, update your environment variable names to match the code (NEX_VAULT_...) or modify lib/config.py to read the env vars you prefer.

If you cannot verify these points, avoid installing in production until the packaging (metadata vs. code) is corrected.

Like a lobster shell, security has layers — review code before you run it.

latest: vk977yfntrt0qmmj0ca6nx5h0gd849k46


Runtime requirements

🔐 Clawdis
Bins: python3
Env: VAULT_TELEGRAM_TOKEN, VAULT_TELEGRAM_CHAT_ID
