Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Corust Agent Configure
v1.0.0Install, configure, and use Corust Agent (corust-agent-acp) — an ACP-compatible coding agent. Use when: the user wants to install, configure, set up, or use...
⭐ 0· 45·0 current·0 all-time
byPhoenix@phoenix500526
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill's name and description match the actions in SKILL.md: downloading a corust-agent binary, placing it under $HOME/corust, and configuring ACPX/OpenClaw. The declared required binaries (curl, tar) fit the stated installation steps and no unrelated credentials or binaries are requested.
Instruction Scope
Instructions include expected setup tasks (download, extract, mark executable, write/merge ~/.acpx/config.json and ~/.openclaw/openclaw.json). However the guidance also tells administrators to enable broadly permissive settings: channels.discord.allowFrom '[["*"]]' and an ACPX plugin config with permissionMode 'approve-all'. Those configuration changes expand who/what can spawn agent sessions and may expose the system to untrusted inputs. The skill also instructs executing an unsigned remote binary fetched via the 'latest' GitHub release URL without guidance to verify checksums or signatures.
Install Mechanism
There is no formal install spec — the SKILL.md instructs using curl to download a tar.gz from GitHub Releases and extracting it. Using GitHub Releases is common and reasonable, but downloading and executing a remote binary (especially via the 'latest' redirect) is nontrivial risk unless the release is signed or checksums are verified. The instruction to extract and run the binary is proportionate to the purpose but should advise integrity verification.
Credentials
The skill requests no environment variables or credentials and only modifies user-level config files under the home directory. There are no unexplained secret requests or cross-service keys in the manifest.
Persistence & Privilege
The skill itself is not 'always:true' and requests no special platform privileges, but it explicitly directs changing global OpenClaw/ACPX/Discord settings that increase agent invocation reach (allowFrom ['*'], permissionMode 'approve-all', enabling ACP dispatch/threads). Combined with default autonomous agent invocation, these recommended config changes broaden the system's attack surface and risk unauthorized agent starts.
What to consider before installing
This skill appears to do what it says (install and wire up corust-agent) but includes two points you should review before installing: (1) it downloads and runs a binary from a remote GitHub 'latest' release — verify the release source, prefer a pinned version, and check signatures or checksums before executing; consider downloading manually and inspecting or running in a sandbox/container; (2) it recommends making OpenClaw/ACPX/Discord settings permissive (channels.discord.allowFrom ['*'], permissionMode 'approve-all') which can let untrusted users spawn agents or give agents broad approval. Instead, restrict allowFrom to specific channels or roles, avoid 'approve-all' unless you fully trust your environment, back up existing ~/.acpx and ~/.openclaw configs before merging, and test changes in a staging environment. If you lack confidence in the GitHub repo's authenticity, ask the vendor for signed releases or hashes, or run the agent binary under a limited user/VM.Like a lobster shell, security has layers — review code before you run it.
latestvk97cevbae5qr0sqb1c49h10z7983pjga
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🦀 Clawdis
Binstar, curl