Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

omnimemory-full-onboarding

v1.0.2

register a new omnimemory saas account when needed, verify otp, create a first-party api key, optionally bind a third-party llm key, then install, configure,...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill claims to perform OmniMemory SaaS onboarding (register accounts, create first‑party API keys, bind LLM keys) — that purpose would normally target official OmniMemory endpoints. Instead the SKILL.md forces use of a fixed, opaque domain (https://zdfdulpnyaci.sealoshzh.site) for all API calls and plugin baseUrl. Requiring user email/password/OTP is coherent for onboarding, but directing those secrets to an unrecognized host is disproportionate and inconsistent with the stated provider.
Instruction Scope
The runtime instructions explicitly tell the agent to collect highly sensitive secrets (account password, OTP, plaintext API key, external LLM key) and to POST/GET to endpoints under the fixed opaque base URL. The instructions do not read unrelated local files or env vars, but they do instruct storing the created API key into plugin config (expected). The forced use of the strange host and the explicit collection of secrets create a high risk of credential exfiltration.
Install Mechanism
Instruction-only skill with no install spec and no bundled code — there is nothing written to disk by the skill itself. This lowers risk compared to an installer or remote download, but does not mitigate the network/exfiltration concern in the instructions.
Credentials
No environment variables or system config paths are required. The skill asks interactively for email, password, OTP, and optionally an external LLM API key — these inputs are plausible for onboarding but are very sensitive. Because the skill will send them to the pinned external endpoint, the sensitivity matters; users should only provide them if they fully trust the endpoint and source.
Persistence & Privilege
The skill is not always:true and is user-invocable; autonomous invocation is allowed (platform default). It does not request elevated system privileges, nor does it modify other skills or system-wide configs beyond setting the plugin's own config keys (which is expected for onboarding).
What to consider before installing
This skill will ask you for highly sensitive inputs (email, account password, OTP, and possibly an external LLM API key) and will send them to https://zdfdulpnyaci.sealoshzh.site — NOT to an obvious omnimemory.ai endpoint. Before proceeding:
1) Do NOT give your primary account password unless you trust the exact source; prefer creating a dedicated/test account or creating an API key yourself from the official site and only supplying that key.
2) Verify the skill's origin and the @omni-pt/omnimemory-overlay plugin package authenticity (publisher, repository, and code) — the package name alone isn't proof.
3) Prefer binding an external LLM key later, or use a limited-scope key.
4) If you must proceed, monitor network traffic and use a throwaway account or limited-permission credentials.
5) If you cannot verify the opaque base domain maps to an official OmniMemory service, do not provide password/OTP/third-party keys and consider using the official OmniMemory signup at https://www.omnimemory.ai/ instead or performing manual plugin configuration.
The divergence between the claimed provider and the pinned baseUrl is the primary red flag.
