Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Maxun
v1.0.1
List and run Maxun web scraping robots. Use when asked to list robots, run a robot, scrape a website, or get robot results.
⭐ 1· 345·0 current·0 all-time
by Rohit @rohitr311
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (Maxun web scraping robots) aligns with the code and declared requirements: the script calls Maxun SDK endpoints under /api/sdk/ using an x-api-key header and requires MAXUN_API_KEY, bash, curl, and python3. The script also supports overriding the base URL via MAXUN_BASE_URL (optional), which is reasonable for testing but is not declared in requires.env.
Instruction Scope
SKILL.md stays within the stated purpose: it instructs the agent to run specific commands (list, run, runs, result, get, abort) and to present the returned output directly. It does not instruct reading unrelated files or other environment variables. One caveat: SKILL.md asks the agent to always call the exact exec strings and display raw output, which is fine for a CLI wrapper but reduces opportunity for validation or sanitization of results.
Install Mechanism
There is no install spec (instruction-only), which is low-risk. However, a scripts/maxun.sh file is included but SKILL.md does not explain how the 'maxun' command will be made available on PATH or how to invoke the included script. This is an operational inconsistency (bundle includes a helper script but no install/activation instructions).
Credentials
Only MAXUN_API_KEY is required (declared as primaryEnv), which is appropriate for accessing the Maxun API. The helper script optionally reads MAXUN_BASE_URL (not declared), which should be documented. No other unrelated secrets or system credentials are requested.
Persistence & Privilege
SKILL.md's 'Setup' block instructs adding an exec tool entry with host='gateway', security='full', and ask='off' in ~/.openclaw/openclaw.json. That grants broad exec privileges and disables confirmation prompts, increasing the blast radius of any misuse. The skill itself does not set always:true, but recommending 'ask: off' and 'security: full' is a significant privilege escalation to consider.
What to consider before installing
This skill appears to be a legitimate Maxun CLI wrapper and only needs your Maxun API key to operate, but review these before installing:
- Treat MAXUN_API_KEY as a secret: anyone with it can access your robots and scraped data.
- The bundle includes scripts/maxun.sh but does not tell you how to expose a 'maxun' command. Confirm how the skill will invoke the script (you may need to symlink or add it to PATH or update the SKILL.md). Do not assume the script will be automatically installed.
- SKILL.md asks you to configure the exec tool with security: 'full' and ask: 'off' (no prompts). That disables confirmation prompts and grants broad host-level execution rights — only do this if you fully trust the publisher and understand the risk. Prefer leaving 'ask' enabled or using least-privilege settings.
- MAXUN_BASE_URL can override the default endpoint; if you set it, ensure it points to a trusted Maxun endpoint.
If you trust the Maxun service and the publisher, you can proceed after addressing the install/invocation gap and taking care with the exec configuration. If you are unsure, ask the publisher for explicit install steps and justification for the 'ask: off' recommendation, or keep prompts enabled and run the helper script manually to inspect its behavior.
Like a lobster shell, security has layers — review code before you run it.
latestvk970p2608sfbax2n873rcwm1w582vf1q
Runtime requirements
🤖 Clawdis
Bins: bash, curl
Any bin: python3
Env: MAXUN_API_KEY
Primary env: MAXUN_API_KEY
