Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
along-plan
v1.0.0 · Read-only exploration and planning skill for safe code analysis. This skill should be used when the user asks to enter plan mode, analyze before changing, cr...
⭐ 0 · 35 · 0 current · 0 all-time
by Along@orangon
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
Name and description match the instructions: the skill is instruction-only and intended for read-only exploration and for producing a plan. Allowing the plan to be saved to docs/plan-<topic>.md is consistent with the stated purpose.
Instruction Scope
The SKILL.md explicitly allows commands that reveal sensitive runtime state: 'env' / 'printenv', 'git config --get', process and system info (ps, top), and network reads via 'curl' and 'wget -O -'. While these can be legitimate for context when planning, they broaden what the agent will be allowed to read. The safe-command decision rule says 'when unsure: do NOT run the command', but the allowlist still grants the ability to run commands that could expose secrets.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest-risk installation surface.
Credentials
The skill declares no required environment variables, yet the allowed commands include reading the environment (env/printenv) and other configuration (git config --get). That mismatch means the skill can access sensitive environment information even though it lists no credentials. This is disproportionately broad for a 'read-only planning' skill and could expose secrets.
Persistence & Privilege
The manifest sets always: false and uses normal model invocation; the skill does not request persistent or cross-skill privileges. It does permit writing the plan document to docs/plan-<topic>.md, which aligns with its purpose and is a limited write action.
What to consider before installing
This skill is mostly coherent for a read-only planning phase, but it explicitly permits commands that can reveal environment variables, git config values, process lists, and network GETs. These capabilities can leak secrets or sensitive metadata if misused. Before installing or enabling:
1) Confirm your execution environment policy (does the agent actually get access to run env/printenv and curl?).
2) Restrict, or require explicit user approval for, commands that print environment variables or perform network requests.
3) Consider removing or tightening 'env/printenv' and network access in the allowlist if you do not need them.
4) Ensure the platform enforces the declared read-only constraints (no redirections, no destructive commands).
If you need stronger assurance, ask the skill author to document exactly when and why env/network reads are necessary, or to remove those permissions.
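To make points 2 and 4 above concrete, here is an added example of a pre-execution gate for the shell commands such a planning skill might issue. It is written for this page and is not code from ClawHub, OpenClaw or the along-plan skill; the allowlists, the `review`/`classify` names and the three-way verdict (allow, needs-approval, deny) are assumptions chosen to mirror the scan's advice: plain read-only commands run, env/printenv, git config --get and curl/wget are held for explicit user approval, and redirections, destructive verbs, shell expansion and anything unknown are refused (the skill's own "when unsure: do NOT run" rule, applied by the platform rather than trusted to the model).

```python
"""Hypothetical command gate for a read-only planning skill (added example,
not ClawHub's or OpenClaw's enforcement code). Allowlists are assumptions."""
import shlex

# Assumed read-only commands a planning phase legitimately needs.
READ_ONLY = {"ls", "cat", "head", "tail", "wc", "grep", "rg", "find",
             "tree", "pwd", "stat", "file", "diff"}
# git subcommands treated as read-only (assumption).
GIT_READ_ONLY = {"status", "log", "diff", "show", "branch", "ls-files", "blame"}
# Commands the scan singles out: held for user approval instead of running freely.
NEEDS_APPROVAL = {
    "env": "prints environment variables (may contain secrets)",
    "printenv": "prints environment variables (may contain secrets)",
    "curl": "performs a network request",
    "wget": "performs a network request",
    "ps": "reveals process and system state",
    "top": "reveals process and system state",
}
# Destructive verbs refused outright (assumed list; extend for your environment).
DESTRUCTIVE = {"rm", "mv", "cp", "chmod", "chown", "dd", "mkfs", "truncate", "shred", "tee"}
SEPARATORS = {"|", "||", "&&", ";", "&"}   # operators that start a new simple command
PUNCT = set("();<>|&")                     # shlex punctuation_chars set


def tokenize(cmd: str) -> list:
    """Split shell-style, returning operators such as '>' and '&&' as their own
    tokens while keeping quotes inside words, so a quoted ">" argument stays
    distinguishable from a real redirection."""
    lex = shlex.shlex(cmd, posix=False, punctuation_chars=True)
    lex.commenters = ""          # '#' inside an argument is not a comment here
    return list(lex)


def classify(argv: list) -> tuple:
    """Verdict for one simple command (no operators): allow / needs-approval / deny."""
    if not argv:
        return "deny", "empty command"
    prog = argv[0]
    if prog in DESTRUCTIVE:
        return "deny", f"{prog} is destructive"
    if prog in NEEDS_APPROVAL:
        return "needs-approval", f"{prog} {NEEDS_APPROVAL[prog]}"
    if prog == "git":
        sub = argv[1] if len(argv) > 1 else ""
        if sub == "config" and "--get" in argv[2:]:
            return "needs-approval", "git config --get reads config that may hold credentials"
        if sub in GIT_READ_ONLY:
            return "allow", f"git {sub} is read-only"
        return "deny", f"git {sub or '(none)'} is not on the read-only allowlist"
    if prog in READ_ONLY:
        return "allow", f"{prog} is read-only"
    return "deny", f"{prog} is not on the allowlist; when unsure, do not run"


def review(cmd: str) -> dict:
    """Gate a whole command line: strictest verdict across every pipeline or
    list segment, plus one reason per segment or rejected operator."""
    if any(c in cmd for c in "$`\n"):
        return {"verdict": "deny",
                "reasons": ["shell expansion or multi-line input is not permitted"]}
    try:
        tokens = tokenize(cmd)
    except ValueError as exc:            # e.g. unbalanced quotes
        return {"verdict": "deny", "reasons": [f"unparseable: {exc}"]}
    verdicts, reasons, segments = [], [], [[]]
    for tok in tokens:
        if set(tok) <= PUNCT:            # bare operator token
            if tok in SEPARATORS:
                segments.append([])
            elif "<" in tok or ">" in tok:
                verdicts.append("deny"); reasons.append(f"redirection '{tok}' is not permitted")
            else:
                verdicts.append("deny"); reasons.append(f"shell operator '{tok}' is not permitted")
        else:
            segments[-1].append(tok)
    for argv in segments:
        if argv:
            verdict, why = classify(argv)
            verdicts.append(verdict); reasons.append(why)
    if not verdicts:
        return {"verdict": "deny", "reasons": ["empty command"]}
    final = next(v for v in ("deny", "needs-approval", "allow") if v in verdicts)
    return {"verdict": final, "reasons": reasons}


if __name__ == "__main__":
    # Constructed sample commands, the kinds the scan report discusses.
    for sample in ["git status && grep -rn TODO src", "printenv | grep TOKEN",
                   "git config --get user.email", "wget -O - https://example.com/x",
                   "cat notes.md > docs/plan-x.md", "ls; rm -rf ."]:
        result = review(sample)
        print(f"{result['verdict']:15} {sample!r}  ({'; '.join(result['reasons'])})")
```

The gate fails closed: anything it cannot parse, any operator it does not understand, and any program not on the allowlist is refused rather than passed through, which is the behaviour point 4 asks the platform to guarantee regardless of what SKILL.md says. The needs-approval tier is where a host would surface env/printenv, git config --get and curl/wget to the user before running them, as point 2 recommends.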
