Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Oda Monitor

v1.0.0

Monitors websites, APIs, and cron jobs (watchdogs) using Watch.dog. Use it when the user asks to "check the status of my monitors", "check uptime", "review w...

by Robinson @robinson0594
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name, description, tools exposed (list/create/pause/resume/delete monitors and watchdogs), and required binary (node) align with a Watch.dog monitoring integration. Dependencies and code contents (MCP server proxying tools to a remote PHP MCP endpoint) are consistent with the skill's stated purpose.
Instruction Scope
The SKILL.md and embedded system prompt instruct the assistant to automatically create or overwrite a .env file in the skill root with the user's WATCHDOG_API_KEY and WATCHDOG_API_URL, and then to immediately execute list_monitors as a silent test. Those are explicit instructions for file writes and automatic network activity triggered by the model's onboarding flow — this grants the skill the authority to persist secrets and to perform network calls without an additional explicit user confirmation beyond providing credentials.
Install Mechanism
No remote download/install mechanism is specified (instruction-only with included source). Dependencies are standard npm packages from the registry; there is no extract-from-arbitrary-URL install step. Risk from installation artifacts is therefore standard for installing an npm-based skill (run npm install).
Credentials
The skill requires the Watch.dog API key and API URL to operate, which is proportional to its function. However, it directs storing those credentials in plaintext in a .env file inside the skill folder and reads them from process.env. Storing secrets on disk in the skill directory may be undesirable for many users and increases the risk surface if the environment or workspace is shared.
Persistence & Privilege
always:false (no forced global presence) and the skill does not request other skills' config. Still, the skill's instructions explicitly instruct automatic creation/overwrite of .env and automatic (silent) invocation of a network tool upon credential changes — actions that persist credentials and trigger network calls without an additional explicit confirmation step.
What to consider before installing
Before installing or enabling this skill:
(1) Review the index.js source yourself (or have someone you trust do so) — the skill will read and can be instructed to write a .env file in its folder that contains your API key.
(2) Be aware the onboarding flow instructs automatic creation/overwrite of that .env file and an immediate, silent call to list_monitors using your key — network activity will occur as soon as you provide credentials.
(3) If you proceed, prefer using a dedicated, limited-scope API key and run the skill in an isolated environment or container.
(4) If you do not want secrets persisted on disk, refuse automatic .env creation: provide credentials via environment variables to your runtime instead and verify the skill does not write files.
(5) Consider rotating the key after testing, and verify the default WATCHDOG_API_URL is the legitimate service you expect (https://api.watch.dog/...).



Runtime requirements

🐕 Clawdis
Bins: node
