Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Osori

v1.6.1

Osori v1.6.1 — Local project registry & context loader with Telegram slash commands. Registry versioning + auto-migration + root filters + root management +...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description (local registry, search, switch, Telegram commands) match the actual files and required binaries. The skill legitimately needs python3, git and gh for JSON handling, repo detection and GitHub counts; optional 'entire' usage is documented and only required for /entire-* commands.
Instruction Scope
SKILL.md and scripts perform filesystem discovery (mdfind/find), read/write a registry file under $HOME/.openclaw by default, call 'gh' and optionally 'entire', and run project-local commands when switching. These are in-scope for a registry/context loader, but they do grant the skill the ability to scan arbitrary paths and execute CLIs in project directories — review expectations and ensure you trust those CLIs and your registry contents.
Install Mechanism
No remote download/install spec is present (instruction-only skill with bundled scripts). The package includes shell and Python scripts that will be executed locally; nothing is fetched from unknown URLs during install.
Credentials
The skill declares no required env vars but honors optional variables (OSORI_REGISTRY, OSORI_SEARCH_PATHS, OSORI_CACHE_FILE, OSORI_CACHE_TTL). It relies on existing gh/entire CLI config for network access (these use the user's credentials/config). This is expected, but be aware 'gh' uses your GitHub auth and 'entire' interacts with an external service — no additional unrelated secrets are requested by the skill itself.
Persistence & Privilege
Does not request always:true or global agent changes. It writes its own registry (default $HOME/.openclaw/osori.json), creates backups, and uses atomic replace/rollback — behavior is contained to its own files and documented. Allowing autonomous invocation is the platform default and not a specific additional privilege here.
Assessment
This skill appears coherent for managing a local project registry. Before installing:
1) Inspect registry_lib.py and telegram-commands.sh (bundled) to confirm there are no unexpected network endpoints or secrets being sent; those files implement core behavior.
2) Be aware it will read/scan filesystem paths and write a registry under $HOME/.openclaw by default — if you want a different location set OSORI_REGISTRY first.
3) The 'gh' CLI and optional 'entire' CLI will operate with whatever credentials/config you already have for those tools (the skill does not request separate tokens but will invoke them), so ensure your gh/entire configs are trusted.
4) Run /doctor without --fix first to preview changes; backups (.bak/.broken) are created when modifications occur.
If you want higher assurance, provide the full contents of registry_lib.py and telegram-commands.sh for a targeted review — absence of those would lower confidence.

Like a lobster shell, security has layers — review code before you run it.

latest vk972hxgega914j8vr4qaytajf181bn4b


Runtime requirements

🦦 Clawdis
OS: macOS · Linux
Bins: python3, git, gh
