Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Freelancer Toolkit

v1.0.3

Toggl wants you to click Start, remember to click Stop, then manually build a timesheet at month-end. Freelancer Toolkit works the way freelancers actually t...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name, description, SKILL.md, README, and included scripts are internally consistent: the skill stores data under ~/.freelancer-toolkit and provides local reporting, exports, timers, and dashboard specs. However, the package metadata lists no required binaries while the scripts and README explicitly require jq and Bash 4+. That undeclared dependency is an incoherence.
Instruction Scope
Runtime instructions and scripts operate only on a single data directory (~/.freelancer-toolkit) and do not include network calls. The setup script may invoke the system package manager (brew/apt-get/yum) to install jq with explicit user confirmation, which is within scope but worth calling out. SKILL.md references handing off invoices to 'InvoiceGen Pro' but there is no concrete network integration code here — that is an aspirational/optional integration, not an implemented remote endpoint.
Install Mechanism
There is no external download or install spec — this is an instruction+script bundle shipped with the skill. That is lower risk than fetching arbitrary code. The only install-like behavior is setup.sh offering to install jq via the machine's package manager (with user prompt).
Credentials
The skill declares no required env vars or credentials, which matches its local-only design. However, the scripts depend on jq (and Bash 4+) even though metadata omitted that requirement. Also setup.sh can call sudo apt-get / yum if the user consents; this is expected for installing jq but elevates the potential impact if the user mistakenly authorizes it.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide agent settings. It creates and manages files solely under ~/.freelancer-toolkit and sets restrictive permissions for that directory and JSON files in setup.sh, which is reasonable for a local data store.
What to consider before installing
- Dependency mismatch: The scripts require jq (and Bash 4+), but the skill metadata does not declare any required binaries. Make sure jq is installed before running setup, or be prepared to allow the setup script to install it via your package manager (it asks first, but may run sudo). If you don't want package installs, install jq yourself and rerun setup.
- Local-only storage: All data is stored in ~/.freelancer-toolkit. The skill's files and scripts do not make network requests themselves, but your OpenClaw agent or any integrations you enable (LLM providers, InvoiceGen Pro) could send data elsewhere. Treat the data directory as sensitive and back it up/encrypt it as appropriate.
- Bug/risk in scripts: The client-report and export-timesheet scripts use jq with multiple 'input' calls but pass files in an order that appears incorrect; as a result, reports/exports may be wrong or produce error messages. This is a logic bug, not evidence of data exfiltration, but it means outputs may be unreliable. Review and test the scripts in a safe environment before relying on them for billing.
- Setup behavior: setup.sh will create ~/.freelancer-toolkit, set directory permissions (chmod 700) and file permissions (chmod 600). This is reasonable, but confirm these are acceptable on your system. The script will propose installing jq via system package manager if missing — only agree if you trust the environment and the package manager commands shown.
- InvoiceGen Pro: The README/SKILL.md mention 'InvoiceGen Pro' handoff but there is no built-in network integration here. If you plan to connect to an external invoice tool, verify how data is transmitted and review that tool's permissions and privacy.

Recommendations:
1. Inspect scripts (already included) and run them in a disposable environment or after backing up existing home data.
2. Install jq yourself (or confirm the setup prompt actions) rather than granting automatic package installs without review.
3. Test report/export scripts on a small dataset to confirm outputs are correct; consider fixing the jq input-order bug if you can or contacting the author for a patch.
4. Keep the data directory private (disk encryption, proper backups) and be mindful that your OpenClaw agent's other integrations or LLM calls may expose that data.

If you want, I can point out the exact lines in the scripts that are likely buggy and suggest corrected jq invocation patterns.



