Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Kannaka Eye

v1.0.1

Glyph viewer that renders the SGA geometric fingerprint of any data as a stunning multi-layer canvas visualization. Takes text, files, or raw bytes and produ...

by Nick Flach (@nickflach)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md claims a single-file Node.js server (server.js) that provides upload/processing endpoints, but the package does not include server.js or any JS server source — only a CLI wrapper (scripts/eye.sh), README, SKILL.md and metadata. _meta.json lists a dependency on 'flux' and optional binaries while the actual code implementing network behavior is absent. This mismatch suggests the published bundle is incomplete or altered; you cannot verify the server's behavior from the provided files.
Instruction Scope
The runtime instructions tell the agent/user to run ./scripts/eye.sh which invokes node server.js; since server.js is not present we cannot validate the described endpoints (/api/process, /api/radio, /api/constellation) or confirm claims such as "uploads processed in-memory only". The docs also describe optional publishing of glyph.rendered events to a Flux URL (FLUX_URL) — enabling that would transmit data off-host. The SKILL.md references auto-detection of a native binary at ../kannaka-memory/target/release/kannaka.exe which reaches outside the repo and could cause the service to invoke external binaries if present.
Install Mechanism
No install spec (instruction-only) and a small shell wrapper are provided, which is low-risk in itself. However, because the main server code is missing from the bundle, the claimed "zero dependencies" server cannot be validated; if the real server is fetched or replaced at runtime, that would increase risk. The provided scripts themselves are benign shell wrappers that start/stop node, use lsof/netstat to find a process, and call kill.
Credentials
Declared requirements are minimal (node only) and optional environment variables (KANNAKA_BIN, EYE_PORT, RADIO_PORT, FLUX_URL, FLUX_AGENT_ID) align with the described functionality. The primary proportionality concern is FLUX_URL: if set, the skill would (per its docs) publish events remotely, which could leak processed or uploaded data. The auto-detect path for KANNAKA_BIN points outside the project and could cause the service to execute a local native binary if present.
Persistence & Privilege
The skill is not always-enabled and is user-invocable (defaults). There is no install step that writes persistent system-wide config in the provided files. Nothing in the bundle requests elevated or persistent privileges. Autonomous invocation is allowed by default but not accompanied here by other high-risk signals.
What to consider before installing
Do not run this skill as-is. The package is missing the server.js implementation the README and SKILL.md describe, so you cannot audit network or file-handling behavior. Ask the publisher for the full server source (server.js) and verify it locally before running. If you do run it, keep FLUX_URL unset unless you trust the remote endpoint (setting it would cause the skill to publish glyph events remotely and could leak processed input). Also verify any native KANNAKA_BIN auto-detection path and review what that binary does before allowing it to be used. If you cannot obtain and review server.js, treat the skill as incomplete/untrusted.




