ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Claude Code Controller

v1.0.0

控制和管理 Claude Code 编码助手,支持项目感知编码、代码审查、重构和功能实现。使用 ACP 运行时在隔离会话中执行 Claude Code 任务,或在主会话中管理配置和项目上下文。

1· 409·1 current·1 all-time
byRocher@rocherkong
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name, description, SKILL.md, and the provided launch script consistently implement a controller for Anthropic Claude Code (installing/using the claude CLI, configuring ~/.claude, running tasks). However the metadata claims no required env vars or config paths while the runtime docs and script clearly require ANTHROPIC_API_KEY and rely on ~/.claude files — this discrepancy is unexpected and should be justified.
!
Instruction Scope
SKILL.md instructs the agent/user to install and run the claude CLI, create and edit project-level ~/.claude/settings.json, read logs (~/.claude/logs/latest.log) and run claude in interactive/ACP sessions. Those actions are consistent with a controller, but they grant the skill access to user home config, logs, and (via MCP examples) potentially databases or filesystem bridges. The instructions also reference absolute/root-like paths in docs (e.g., /root/.openclaw/workspace) which implies assumptions about environment privileges.
Install Mechanism
There is no automatic install spec in the skill bundle (instruction-only). SKILL.md recommends installing @anthropic-ai/claude-code via npm (a normal public registry package). The included shell script is simple and does not download arbitrary archives or external payloads. No high-risk download URLs or extract steps are present.
!
Credentials
The metadata declares no required environment variables, yet SKILL.md and scripts require ANTHROPIC_API_KEY and reference other env examples (ANTHROPIC_MODEL, DATABASE_URL in MCP examples). This mismatch is disproportionate and could lead to implicit credential use. The skill also expects to read/write ~/.claude config and logs — access that should be explicitly declared and limited.
Persistence & Privilege
The skill does not request always:true and does not include install-time mechanisms that modify other skills. The launch script writes a project-local .claude/settings.json if missing; that is normal for a tooling helper. No evidence the skill attempts to change system-wide agent config or persist credentials beyond normal config files.
What to consider before installing
Before installing or enabling this skill: - Expect it to require an Anthropic API key (ANTHROPIC_API_KEY) and to read/write ~/.claude/* files; the metadata currently does not declare these — treat that as a red flag and confirm with the author. - Inspect and if needed sandbox the included scripts (scripts/launch-claudecode.sh) before running; it will create project/.claude/settings.json and invoke the claude CLI. - Only install @anthropic-ai/claude-code from the official registry and verify package provenance. - Review any MCP/database examples carefully: configuration can launch helper processes (npx ...) that may access databases or filesystem paths — don’t provide DATABASE_URL or broad ALLOWED_PATHS unless you trust the skill. - Avoid placing sensitive keys in project files; keep ANTHROPIC_API_KEY in a secure secret store and verify the skill does not leak it to unexpected endpoints. - If you need higher assurance, run the skill in an isolated environment (container or VM) and require the author/source to provide signed or repository-traceable code and a declared list of required env vars/config paths.

Like a lobster shell, security has layers — review code before you run it.

ai-assistantvk970rgq44h3eefwx6kt3p1gmg982ng48anthropicvk970rgq44h3eefwx6kt3p1gmg982ng48claudevk970rgq44h3eefwx6kt3p1gmg982ng48code-reviewvk970rgq44h3eefwx6kt3p1gmg982ng48codingvk970rgq44h3eefwx6kt3p1gmg982ng48latestvk970rgq44h3eefwx6kt3p1gmg982ng48openclawvk970rgq44h3eefwx6kt3p1gmg982ng48

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments