Ambiguous
Pass
Audited by VirusTotal on May 4, 2026.
Overview
Type: OpenClaw Skill
Name: ambiguous
Version: 1.0.1
The skill bundle provides instructions for an AI agent to interact with the 'Ambiguous Workspace' platform using the `npx ambiguous` CLI. It includes standard functionality for authentication, task management, and document handling, with configuration stored locally in `~/.ambi/config.json`. The instructions are well-documented, align with the stated purpose of workspace management, and contain no evidence of malicious intent, data exfiltration, or harmful prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked too broadly, the agent could change or delete workspace data or send messages/emails through the user's Ambiguous account.
The CLI exposes the full live workspace API, including destructive operations with a confirmation-skipping option, but the skill does not bound which operations the agent should use or require explicit approval for high-impact actions.
every operation the API exposes is reachable as a subcommand ... npx ambiguous tasks delete <id> -y # `-y` skips confirmation
Use only with explicit user-approved commands, avoid `-y` unless the user specifically requests it, and prefer least-privilege/scoped API tokens if the service supports them.
Anyone or any agent process that can use the saved API key may act on the Ambiguous workspace within that key's permissions.
The skill clearly uses a persistent Ambiguous API key for authenticated workspace actions; this is expected for the integration, but it is sensitive account authority.
The API key is stored at `~/.ambi/config.json` automatically. ... Every command requires auth except `auth` and `config`.
Verify the account and workspace before login, protect `~/.ambi/config.json`, rotate the token if exposed, and use the narrowest available permissions.
Changes to the external CLI package could change how credentials or workspace operations are handled.
Runtime behavior depends on an external npm-resolved CLI package rather than reviewed local code; this is normal for an npx-based CLI but leaves package provenance and version pinning outside the provided artifacts.
Use `npx ambiguous` to act on an Ambiguous Workspace account.
Confirm the npm package/source before use and pin or locally install a trusted version where possible.
