Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Ai Automation Workflows
v0.1.5
Build automated AI workflows combining multiple models and services. Patterns: batch processing, scheduled tasks, event-driven pipelines, agent loops. Tools:...
by Ömer Karışman @okaris
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to build AI automation pipelines and the SKILL.md shows concrete Bash patterns using the inference.sh (infsh) CLI — this is coherent. Minor inconsistency: the header mentions 'Python SDK' and 'webhook integration' but the documented examples are only Bash/infsh; that's plausible but worth noting as a documentation mismatch.
Instruction Scope
The runtime instructions tell users to run 'curl -fsSL https://cli.inference.sh | sh' (execute a remote install script) and to run 'infsh login'. Executing a remote install script without manual verification is a high-risk instruction even though the doc points to a checksums page; the Quick Start uses the piped installer by default. The instructions also show creating cron jobs and writing logs to /var/log and an /output directory, which require appropriate filesystem permissions. The SKILL.md does not instruct the agent to read unrelated system files or secret env vars, but it does rely on interactive login to an external service that will generate local credentials.
Install Mechanism
There is no registry install spec, but the SKILL.md instructs installing a CLI via a remote script from cli.inference.sh which downloads binaries from dist.inference.sh. While the doc references SHA-256 checksums, the provided quick-start uses a direct 'curl | sh' pipeline (runs code from the network immediately). This pattern is higher risk than a package manager or verified release install because it executes remote code by default; the domains are service-specific (not a well-known central repo) which increases the need for manual verification.
Credentials
The registry metadata lists no required env vars or primary credential, but the instructions require running 'infsh login' (i.e., authenticating to the inference.sh service) and call models across different providers via the infsh CLI. The absence of declared credential variables in the metadata is a mild inconsistency: the skill relies on external service auth but does not declare what secrets will be used or where they will be stored.
Persistence & Privilege
The skill is not marked 'always' and is user-invocable (normal). The examples guide users to create cron entries and write to /var/log and /output, which are persistence actions that require filesystem permissions; the skill itself does not request elevated privileges in metadata, but following the examples could require sudo or privileged access depending on paths chosen. No instructions suggest modifying other skills or system configs beyond user cron/log files.
What to consider before installing
This skill appears to do what it says (build automation using the inference.sh CLI) but take precautions before installing or running examples:
1) Avoid blindly running 'curl | sh' — fetch the installer, verify the SHA-256 checksums against the listed checksums, and review the install script before executing.
2) Confirm where 'infsh login' stores credentials and whether those credentials grant access to other services; prefer using service-scoped API keys rather than broad accounts.
3) When creating cron jobs or logs, use directories you control (avoid writing to /var/log unless you understand permissions and implications).
4) Because the registry metadata doesn't declare required credentials, ask the publisher (or inspect the service docs) about what auth/account is required and what data is sent to inference.sh.
5) If you need stronger assurance, request the skill's source/homepage or prefer installing the CLI from a package manager or a verified release tarball you inspect first.
Like a lobster shell, security has layers — review code before you run it.
