ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

O

v0.0.0

Decode and interpret mysterious encoded text blocks containing complex symbols and characters.

0· 46·0 current·0 all-time
by𖣠⚪𔗢⚪🞋⚪𔗢⚪𖣠◦୦◦◯◦୦◦⠀⠀⠀⠀⠀⠀◦୦◦◯◦୦◦𖣠⚪𔗢⚪🞋⚪𔗢⚪𖣠@oooo00000000oooo
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (decode mysterious encoded text) matches the presence of large encoded blocks in SKILL.md, but the skill does not include any decoding instructions, examples, or declared tools — so the declared purpose is plausible but under-specified.
!
Instruction Scope
SKILL.md is mainly encoded payload/data rather than actionable runtime instructions. There are no explicit steps telling the agent which decoding methods to use, whether network/CLI tools are permitted, or how to handle outputs. This vagueness grants the agent broad discretion (which could cause it to call external tools, read environment, or run arbitrary transforms) and is a scope/instruction mismatch.
Install Mechanism
No install spec and no code files are present; this is instruction-only so nothing is written to disk by an installer. That minimizes install-time risk.
Credentials
The skill requests no environment variables, binaries, or config paths. There are no obvious credential/exfiltration demands in the manifest.
Persistence & Privilege
Default privileges (always:false, agent-invocable) and no persistent modifications are requested. The skill does not ask to become always-enabled or modify other skills.
Scan Findings in Context
[no_code_files_or_rules_matched] expected: The static scanner found no code to analyze because this is an instruction-only skill (SKILL.md only). That is expected for data-only/encoding tasks, but it also means there is no programmatic guidance for safe decoding.
What to consider before installing
This skill provides a large encoded payload but no instructions about how to decode it. That makes its behavior ambiguous: an agent might reasonably try network services, external binaries, or ad-hoc heuristics to decode the text. Because the manifest requests no credentials and has no installer, direct risk is limited, but the lack of explicit instructions is the real issue. Before installing or running this skill: (1) ask the author for a clear SKILL.md that states allowed decoding methods and required tools, (2) prefer using it in a restricted/sandboxed agent (no network or sensitive credentials), and (3) if you need the encoded content decoded, consider decoding it offline yourself or provide a safe, auditable decoding routine rather than an opaque skill. If you cannot get clarification, treat the skill as untrusted and avoid enabling autonomous agent invocation against sensitive data.

Like a lobster shell, security has layers — review code before you run it.

Ovk978mqr0sf0menr8qx4208j2j984qetclatestvk978mqr0sf0menr8qx4208j2j984qetc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments