Ravi secrets
v2.1.1
Store and retrieve key-value secrets — encrypted secret store for API keys and env vars. Do NOT use for website passwords (use ravi-passwords) or reading mes...
Security Scan (OpenClaw)
Verdict: Suspicious, medium confidence
Purpose & Capability
The name/description and runtime instructions consistently describe a secrets store (set/get/list/delete). However, the SKILL.md assumes a 'ravi' CLI exists and returns plaintext secret values, yet the skill metadata lists no required binaries, no install spec, and no authentication/credential requirements. That mismatch (expecting a CLI and a live server with auth but declaring none) is unexplained and disproportionate.
Instruction Scope
Instructions are narrowly scoped to secret management commands, but they explicitly show the CLI returning plaintext secret values (even in list output) and recommend populating environment variables (e.g. API_KEY=$(ravi secrets get ...)). Those patterns increase the chance of secrets ending up in agent logs, shell history, or environment. The doc also uses 'jq' for parsing but does not declare that as a dependency.
Install Mechanism
No install specification is provided (instruction-only), which by itself is low risk. However, the SKILL.md presumes a 'ravi' binary and parsing tools (jq) are present on PATH without declaring them or showing how to install them. The lack of provenance (no homepage, no source repo) prevents verifying the CLI's origin.
Credentials
The skill requests no environment variables or primary credential in metadata, yet the documented commands imply communication with a server and an authentication mechanism. The instructions demonstrate storing highly sensitive items (API keys) and returning them in plaintext; metadata should have declared how the agent authenticates and what credentials are required. Absence of those declarations is disproportionate to the stated purpose and increases risk of misconfiguration or inadvertent exfiltration.
Persistence & Privilege
The skill is not force-installed (always: false) and is user-invocable. It allows autonomous invocation (disable-model-invocation: false), which is the platform default. There is no install-time persistence or other privileges requested in the metadata.
What to consider before installing
This skill claims to be a secrets store but doesn't declare the 'ravi' CLI, jq, or any authentication details. Before installing or using it: (1) ask the author for the CLI's source/release URL and an install method so you can verify the binary; (2) confirm how the CLI authenticates (what credential or login is required) and ensure that credential is scoped and stored securely; (3) be aware the documented outputs show plaintext secret values (including in list), which can leak to logs, shell history, or other tools—only use in environments where that risk is acceptable; (4) avoid storing high-risk secrets until provenance and auth are clear. If the author cannot provide a repository, homepage, or clear auth/install instructions, treat the skill as untrusted.
Ravi Secrets
Store and retrieve key-value secrets (API keys, environment variables, tokens). All values are server-side encrypted — you send and receive plaintext. Keys are stored in plaintext for lookup/filtering.
Commands
```bash
# Store a secret
ravi secrets set OPENAI_API_KEY "sk-abc123..."
# List all secrets
ravi secrets list
# Retrieve a secret by key name
ravi secrets get OPENAI_API_KEY
# Delete a secret by UUID
ravi secrets delete <uuid>
```
JSON Shapes
`ravi secrets list`:
```json
[
  {
    "uuid": "...",
    "identity": 1,
    "key": "OPENAI_API_KEY",
    "value": "sk-abc123...",
    "notes": "",
    "created_dt": "2026-02-25T10:30:00Z",
    "updated_dt": "2026-02-25T10:30:00Z"
  }
]
```
`ravi secrets get OPENAI_API_KEY`:
```json
{
  "uuid": "...",
  "identity": 1,
  "key": "OPENAI_API_KEY",
  "value": "sk-abc123...",
  "notes": "",
  "created_dt": "2026-02-25T10:30:00Z",
  "updated_dt": "2026-02-25T10:30:00Z"
}
```
Common Patterns
Store and retrieve API keys at runtime
```bash
# Store a key
ravi secrets set OPENAI_API_KEY "sk-abc123..."
# Retrieve the key value
API_KEY=$(ravi secrets get OPENAI_API_KEY | jq -r '.value')
# List all available key names
ravi secrets list | jq -r '.[].key'
```
Store multiple service keys
```bash
ravi secrets set ANTHROPIC_API_KEY "sk-ant-..."
ravi secrets set GITHUB_TOKEN "ghp_..."
```
Important Notes
- Server-side encryption is transparent — you always see plaintext values.
- Keys must be unique per identity — if you need to update an existing key, use `ravi secrets set` again (it will upsert). Creating a duplicate key name will return a validation error.
- Keys are auto-uppercased — keys are automatically uppercased by the server (e.g. `test_key` becomes `TEST_KEY`). Keys must match `^[A-Z][A-Z0-9_]*$` after uppercasing.
- Keys are plaintext — only values and notes are encrypted. Use descriptive key names like `OPENAI_API_KEY`, `STRIPE_SECRET_KEY`.
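An added example (not part of this skill or the ravi CLI) that applies the key rules above on the client side and turns `ravi secrets list` output into a redacted inventory, so an agent can check what is stored without copying plaintext values into logs or shell history. The sample JSON is constructed in the documented list shape; the uuid and value are placeholders.

```python
import json
import re

# Key rule from the skill doc: the server uppercases the key, and the
# result must match this pattern.
KEY_PATTERN = re.compile(r"^[A-Z][A-Z0-9_]*$")


def normalize_key(name: str) -> str:
    """Apply the server's uppercasing, and reject names that would fail
    validation before any plaintext value is sent to the CLI."""
    key = name.strip().upper()
    if not KEY_PATTERN.fullmatch(key):
        raise ValueError(f"invalid secret key after uppercasing: {key!r}")
    return key


def find_collisions(names):
    """Names that map to the same key once uppercased; keys are unique per
    identity, so a later `ravi secrets set` would upsert over the first."""
    seen = {}
    for n in names:
        seen.setdefault(n.strip().upper(), []).append(n)
    return {k: v for k, v in seen.items() if len(v) > 1}


def mask(value: str) -> str:
    """Keep a 4-char prefix and the length: enough to tell values apart."""
    return f"{value[:4]}...({len(value)} chars)"


def redacted_inventory(list_output: str) -> list:
    """Parse `ravi secrets list` JSON (documented shape) into rows that are
    safe to print or log: the plaintext value never leaves this function."""
    return [
        {"uuid": e["uuid"], "key": e["key"], "value": mask(e["value"]),
         "updated_dt": e["updated_dt"]}
        for e in json.loads(list_output)
    ]


# Constructed sample in the documented `ravi secrets list` shape (not real).
SAMPLE_LIST = json.dumps([
    {"uuid": "11111111-1111-4111-8111-111111111111", "identity": 1,
     "key": "OPENAI_API_KEY", "value": "sk-abc123exampleXYZ", "notes": "",
     "created_dt": "2026-02-25T10:30:00Z", "updated_dt": "2026-02-25T10:30:00Z"},
])
```

Feed real `ravi secrets list` output to `redacted_inventory` when you only need to know which keys exist; reserve `jq -r '.value'` for the one call that actually needs the value.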
Full API Reference
For complete endpoint details, request/response schemas, and parameters: Secrets
Related Skills
- ravi-passwords — Store website credentials (domain + username + password, not key-value secrets)
- ravi-login — Signup workflows that may need API keys stored after registration
- ravi-feedback — Report secrets issues or suggest improvements