Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Dashboard Builder
v1.0.3
Dashboard Builder is the construction kit for your entire NormieClaw setup. It reads skill specifications and scaffolds a complete, working Next.js dashboard...
by @nollio
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The name/description, templates, and scripts line up with a dashboard scaffolder that reads skill manifests and generates a Next.js app backed by Supabase — that is coherent. However the registry metadata claims no required binaries or environment variables, while the SKILL.md and included scripts clearly require Node.js/npm, python3, and Supabase credentials (including SUPABASE_SERVICE_ROLE_KEY). The absence of these declared requirements is an inconsistency and reduces transparency.
Instruction Scope
SKILL.md and the shipped scripts operate over the local filesystem (finding the skill package via find / and searching $HOME/$PWD), copy templates into a project, generate SQL migrations from manifests, and run npm/npx commands. These actions are within scope for a scaffolder, but the scripts perform broad filesystem discovery (e.g., find /) and auto-generate SQL that may be pushed to a Supabase project. That grants the skill substantial ability to read local paths, write new project files, and alter a database — so users should verify manifests and generated SQL before executing push commands.
Install Mechanism
This is instruction-only (no remote download/install spec in registry). The scaffolding runs standard tools (npx create-next-app, npm install) and copies local template files from the skill package. There are no obscure remote URLs or archive extracts in the install flow. Network activity is limited to npm/npx (expected).
Credentials
The runtime requires Supabase credentials to initialize and push migrations; SKILL.md and the scripts instruct users to create a .env.local containing NEXT_PUBLIC_SUPABASE_URL, NEXT_PUBLIC_SUPABASE_ANON_KEY, and SUPABASE_SERVICE_ROLE_KEY. Requesting the service role key is functionally necessary to generate and push database migrations, but it is a highly privileged secret: it bypasses Row Level Security, so any code that holds it can read and modify every row in the project regardless of the policies the generated migrations define. The skill metadata, however, declares no required env vars, which is a transparency mismatch. No unrelated external credentials are requested, but the presence of a service-role-level credential is significant, and the skill should be exercised against a throwaway/test Supabase project whenever possible.
Persistence & Privilege
The skill is not marked always:true and does not appear to modify other skills or global agent configuration. Its actions are limited to creating files in the user-chosen project directory, generating migrations, and optionally running database push commands. Those are expected for a scaffolding tool.
Scan Findings in Context
[ignore-previous-instructions] expected: The SKILL.md contains this pattern as part of an explicit 'Prompt Injection Defense' section that instructs the agent to treat manifests as data, ignore directive-like content, and never hardcode secrets. The flagged pattern appears to be present for defensive reasons rather than an attempt to override host instructions; still surface it to reviewers.
What to consider before installing
This package appears to be a legitimate dashboard scaffolder, but take these precautions before running anything:
1) The registry metadata omits requirements the scripts actually need: make sure Node.js/npm and python3 are available.
2) Do not run scripts that push database migrations against a production Supabase project. If you need to exercise 'run-migrations' or 'db push', use a throwaway/test project whose keys you can revoke afterwards.
3) Review the generated SQL migration files (supabase/migrations/) and the generated app files before executing any push or deploy commands.
4) The scripts may scan the filesystem to locate the skill package (they run find across $PWD/$HOME and, in some samples, even /); run them in a constrained environment (container, VM, or a dedicated dev machine) if you are uncomfortable with broad filesystem operations.
5) Confirm .env.local is in .gitignore and never commit SUPABASE_SERVICE_ROLE_KEY.
6) Prefer the provided dry-run options (where applicable) and step through 'add-skill' and migration generation manually.
7) If anything is unclear, or you need to deploy for production, rotate keys after testing and review the manifest parsing and migration generation code.
Static analysis findings
SETUP-PROMPT.md:8: Prompt-injection style instruction pattern detected.
SKILL.md:22: Prompt-injection style instruction pattern detected.
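The script below is an added example of how to automate three of the precautions above (items 3, 4 and 5) before running anything from a scaffolder skill like this one. It is not part of the Dashboard Builder package or of the scan output. It assumes the project layout the scan describes (shipped scripts under scripts/, generated SQL under supabase/migrations/, a .env.local holding SUPABASE_SERVICE_ROLE_KEY) and builds a constructed sample project in a temp directory so it runs offline; the file names and contents in the sample are made up.

```shell
#!/usr/bin/env bash
# Pre-install review helper (added example; not part of the Dashboard Builder skill).
# Builds a constructed sample project in a temp dir and runs three checks from the
# precautions list: .env.local is gitignored, shipped scripts do not run `find /`,
# and generated migrations contain nothing that weakens Row Level Security.
# The directory layout (scripts/, supabase/migrations/) and file contents are assumed.
set -u

make_sample_project() {
  local dir
  dir=$(mktemp -d)
  mkdir -p "$dir/scripts" "$dir/supabase/migrations"
  # Constructed locator script that searches the whole filesystem root
  printf '%s\n' '#!/bin/sh' \
    'SKILL_DIR=$(find / -type d -name dashboard-builder 2>/dev/null | head -n 1)' \
    > "$dir/scripts/locate-skill.sh"
  # Constructed generated migration: enables RLS, then a stray statement disables it
  printf '%s\n' 'create table public.widgets (id uuid primary key, owner_id uuid);' \
    'alter table public.widgets enable row level security;' \
    'alter table public.widgets disable row level security;' \
    > "$dir/supabase/migrations/0001_widgets.sql"
  # .gitignore deliberately omits .env.local, which holds the service role key
  printf '%s\n' 'node_modules' > "$dir/.gitignore"
  printf '%s\n' 'SUPABASE_SERVICE_ROLE_KEY=constructed-placeholder' > "$dir/.env.local"
  printf '%s' "$dir"
}

# Returns 0 if .gitignore excludes .env.local (exact entry or a .env* glob), else 1.
check_env_gitignored() {
  local dir=$1
  if [ -f "$dir/.gitignore" ] && grep -qE '^\.env(\.local|\*|\.\*)?$' "$dir/.gitignore"; then
    return 0
  fi
  echo "PROBLEM: .env.local is not listed in .gitignore (it holds SUPABASE_SERVICE_ROLE_KEY)"
  return 1
}

# Returns 0 if no shipped script runs `find /` against the filesystem root, else 1.
check_no_broad_find() {
  local dir=$1 hits
  hits=$(grep -rnE 'find[[:space:]]+/([[:space:]]|$)' "$dir/scripts" 2>/dev/null || true)
  [ -z "$hits" ] && return 0
  echo "PROBLEM: broad filesystem discovery in shipped scripts:"
  echo "$hits"
  return 1
}

# Returns 0 if generated migrations contain no statement that disables RLS, drops a
# policy, grants to anon/public, or defines a SECURITY DEFINER function; else 1.
check_migrations() {
  local dir=$1 hits
  hits=$(grep -rniE 'disable row level security|drop policy|grant .* to (anon|public)|security definer' \
    "$dir/supabase/migrations" 2>/dev/null || true)
  [ -z "$hits" ] && return 0
  echo "PROBLEM: review these migration statements before any db push:"
  echo "$hits"
  return 1
}

# Runs all checks; the return value is the number of problems found (0 means clean).
review_project() {
  local dir=$1 problems=0
  check_env_gitignored "$dir" || problems=$((problems + 1))
  check_no_broad_find "$dir" || problems=$((problems + 1))
  check_migrations "$dir" || problems=$((problems + 1))
  echo "problems found in $dir: $problems"
  return "$problems"
}

# Stand-alone run: review the directory given as $1, or the constructed sample.
target=${1:-$(make_sample_project)}
review_project "$target" || true
```

Run it with a real scaffolded project directory as the first argument once you have generated the app; on the constructed sample it reports three problems. The SQL patterns are deliberately broad (a DROP POLICY may be legitimate in a migration that recreates the policy), so treat hits as items to read, not as automatic rejections.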
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.
