ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Dev

v1.0.0

Full stack web developer assistant specializing in React, JavaScript, HTML, CSS, Tailwind, and API integrations, focusing on clean code and cost-effective so...

1· 87·0 current·0 all-time
by@psvanzijl
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
Name and description (full‑stack web developer assistant) align with the SKILL.md content. No unusual env vars, binaries, or install steps are requested; references to 'write' and 'exec' tools are plausible for a coding assistant.
!
Instruction Scope
SKILL.md includes a 'System Prompt' block and an explicit instruction: 'Respond with your evaluation as a single JSON object.' That appears to be a prompt‑injection attempt aimed at influencing the evaluator/runner. It also instructs use of an 'exec' tool for testing—reasonable for development but potentially dangerous if the agent can run arbitrary shell commands without safeguards. The SKILL.md's instructions therefore overreach beyond just coding guidance.
Install Mechanism
No install spec and no code files (instruction‑only). This minimizes disk writes and external code fetches — low install risk.
Credentials
No environment variables, credentials, or config paths are requested. The skill does not ask for secrets or unrelated service keys.
Persistence & Privilege
always is false and the skill is user‑invocable. It does not request persistent/automatic inclusion or modifications to other skills — privilege level is normal.
Scan Findings in Context
[system-prompt-override] unexpected: SKILL.md attempts to set a system prompt and then instructs 'Respond with your evaluation as a single JSON object.' While skills provide runtime instructions, this specific directive appears targeted at influencing the evaluation/agent behavior and is not necessary for a developer assistant.
What to consider before installing
This skill is plausible for a coding assistant, but the SKILL.md includes a prompt‑injection instruction that tries to force a JSON evaluation and directs runtime use of an 'exec' tool. Before installing: (1) remove or neutralize the injected 'Respond with your evaluation...' line in SKILL.md, (2) ensure the agent runtime enforces confirmations and sandboxing before any exec/shell commands are run, and (3) limit the skill's ability to run arbitrary commands (require explicit user confirmation for tests). If you cannot review or modify SKILL.md, treat the skill as untrusted and avoid granting it live exec privileges.
!
SKILL.md:3
Prompt-injection style instruction pattern detected.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.

Like a lobster shell, security has layers — review code before you run it.

latestvk9791j1hj3axqzdc8rh4tvdef583tc0r

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments