ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Aws Cli

v0.2.1

AWS CLI v2 for OpenClaw agents (repackaged official binary)

0· 49·0 current·0 all-time
by@panthrocorp
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description and included files (package.sh, SKILL.md) align: the project repackages the official AWS CLI. However the registry metadata lists 'aws' as a required binary even though the skill supplies installation instructions to install 'aws', and SKILL.md uses common tools (curl, tar, grep, unzip) that are not declared in required binaries — metadata and runtime expectations are inconsistent.
Instruction Scope
Runtime instructions are limited to downloading a tarball from the skill's GitHub releases, extracting into ~/.openclaw, and symlinking aws; usage/auth guidance describes the normal AWS credential chain and IMDS. The SKILL.md does not instruct reading unrelated files. It does, however, instruct downloading a third‑party repackaged tarball (from PanthroCorp-Limited releases) rather than directly from the official AWS download — this introduces supply‑chain trust decisions.
!
Install Mechanism
There is no registry install spec; installation in SKILL.md downloads a tarball from the skill's GitHub releases (well-known host, but a third party). The packaging script (scripts/package.sh) shows the packager downloads the official AWS installer from awscli.amazonaws.com and repackages it, which is reasonable, but consumers who run the SKILL.md instructions will be pulling a repackaged artifact from PanthroCorp's releases rather than the upstream AWS host. Download-and-extract of binaries from a third‑party release increases supply‑chain risk and should be verified (checksums, signatures).
Credentials
The skill requests no environment variables or credentials in metadata. SKILL.md explains the AWS CLI will use the SDK default credential chain (IMDS, env vars, shared config) — this is expected and proportional for an AWS CLI. There are no extra unrelated credentials requested.
Persistence & Privilege
Skill does not request always:true, does not modify other skills' configs, and only recommends extracting files into the skill's own ~/.openclaw directory and creating a symlink in ~/.openclaw/bin. No elevated or persistent global privileges are requested.
What to consider before installing
This skill is coherent with its stated purpose (it repackages the AWS CLI), but you should treat it as a third‑party packaging/install of an important credentialed tool. Before installing: (1) Prefer obtaining the AWS CLI directly from the official AWS distribution if you want to minimise supply‑chain risk. (2) If you use the PanthroCorp release artifacts, verify checksums/signatures or inspect the release tarball contents. (3) Ensure the gateway/container environment should legitimately have AWS credentials or IMDS access — installing the CLI into a container that can reach IMDS grants it access to instance credentials. (4) Be aware SKILL.md uses curl/tar/unzip/grep/ln but the metadata doesn't declare these prerequisites; ensure the host/container has these tools and that extraction will not overwrite unexpected paths. If you cannot verify the build artifacts or don't trust the release owner, do not install the repackaged binary.

Like a lobster shell, security has layers — review code before you run it.

latestvk9763tcnyq7kx0c9nym0e9bmg584frnp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

☁️ Clawdis
OSLinux
Binsaws

Comments