ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Visio User

v0.1.1

Bootstrap skill for DiagForge. Use this skill to onboard an agent into the DiagForge GitHub repository, understand the project structure, run the canonical c...

0· 66·0 current·0 all-time
by@qweadzchn·duplicate of @qweadzchn/diagforge-visio-user
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description ask the agent to clone a GitHub repo and run Python-based smoke tests; requiring git and python is reasonable and proportionate. However, the declared required environment variable (VISIO_BRIDGE_TOKEN) is not referenced anywhere in SKILL.md, which creates an unexplained requirement.
!
Instruction Scope
SKILL.md instructs cloning the upstream repo and running repository Python scripts (Setup\prepare_smoke_test.py, run_draw_job.py, execute_drawdsl.py). Running code pulled from an external repo can execute arbitrary actions (network calls, file I/O, invoking Visio bridge). The instructions do not tell the agent or user to inspect those scripts first, nor do they show how VISIO_BRIDGE_TOKEN is supplied to the runtime, so the runtime behavior and data usage are not fully scoped.
Install Mechanism
This is an instruction-only skill with no install spec and no code bundled — minimal install risk. It relies on existing git and python, which is expected for its stated workflow.
!
Credentials
Only one environment variable (VISIO_BRIDGE_TOKEN) is declared. That could be appropriate for a Visio bridge, but SKILL.md never documents where or how it is used. Requesting a token without context (service endpoint, scope, or why it's needed for the smoke test) is disproportionate and unclear. The skill also suggests using SSH git URLs which implicitly requires SSH keys; this is expected but should be documented as a consideration.
Persistence & Privilege
The skill does not request always:true, does not include an install hook, and does not modify other skills or system-wide settings. Autonomous invocation is allowed (default), which is normal for skills — no extra persistence privileges requested.
What to consider before installing
This skill is an instructions-only bootstrap that points an agent at an external GitHub repo and tells the agent to run Python smoke-test scripts from that repo. Before installing or running it: 1) Inspect the referenced repository (especially the Setup/*.py scripts) to see what they do—look for network calls, credential usage, and files they create or modify; 2) Do not expose your real VISIO_BRIDGE_TOKEN until you confirm what service it authenticates and what permissions it needs—use a scoped or temporary token and rotate it after testing; 3) Run the smoke tests in an isolated/sandbox environment (VM or container) so arbitrary repo code cannot access sensitive host resources; 4) Prefer cloning over HTTPS if you cannot guarantee SSH key safety, and avoid running repo scripts as root; 5) Ask the skill author to clarify where VISIO_BRIDGE_TOKEN is used and to add explicit instructions about inspecting repository code before execution. These steps will reduce the risk of accidental credential exposure or executing unexpected code.

Like a lobster shell, security has layers — review code before you run it.

latestvk975jpa7z1tvvzcf2fehnrbb8x839e60

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsgit, python
EnvVISIO_BRIDGE_TOKEN

Comments