Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Uplo Agriculture
v1.0.0AI-powered agricultural knowledge management. Search crop management records, livestock data, compliance documentation, and sustainability reports with struc...
⭐ 0· 123·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The declared purpose (connect to UPLO to search agricultural knowledge) matches the behavior in SKILL.md and README. However, the registry metadata lists no required credentials or env vars while skill.json defines two required config fields (agentdocs_url and api_key) that are necessary to connect to an external UPLO MCP server. That mismatch is incoherent: a connector like this legitimately needs an API endpoint and token, but the registry presentation omitted them.
Instruction Scope
SKILL.md limits runtime actions to mcporter calls (search_knowledge, search_with_context, export_org_context, log_conversation). Those are consistent with a knowledge-base connector. However, SKILL.md does not document the required API credentials or explicitly warn that log_conversation will transmit conversation summaries to the configured UPLO instance. This means user data (conversation summaries, topics, tools_used) will be sent to an external service—expected for this connector but worth explicit notice.
Install Mechanism
The registry lists no install spec (instruction-only), but skill.json contains an mcp stanza that runs 'npx -y @agentdocs1/mcp-server --http' with envs derived from the skill config. That implies the platform will fetch/execute an npm package at runtime. Fetching and executing code via npx from npm is a moderate-risk install path and should be validated (package origin, maintainer, version). The README similarly suggests configuring an MCP server via npx, so the effective install is not purely 'instruction-only'.
Credentials
The skill.json requires agentdocs_url and api_key (a secret) which are proportionate for a connector to an external UPLO instance. The problem is the registry-level requirements list none, and SKILL.md doesn't call out how to supply those creds. Users should be aware the skill needs a token that grants access to their organization's UPLO data; that token will be used by the MCP server process and will be transmitted to/run by the agent runtime.
Persistence & Privilege
always is false and the skill does not request system-level persistence. The skill can be invoked autonomously by the agent (platform default), which is normal. Note: because the skill runs an external MCP server process (via npx) and uses an external API_KEY, autonomous invocation combined with those external credentials increases the impact of any misuse—so validate the MCP package and restrict the API key scope.
What to consider before installing
This skill appears to be a UPLO connector (searching your organization's agriculture knowledge) and that purpose explains the need for an endpoint URL and API key. However, the registry metadata omitted those requirements while skill.json requires them and the README/SKILL.md expect an MCP server launched via npx. Before installing or enabling this skill: 1) Confirm the agentdocs_url is a trusted UPLO endpoint and limit the API key scope/permissions. 2) Inspect or verify the npm package '@agentdocs1/mcp-server' (publisher, versions, audit) since the platform will run it via npx. 3) Understand that 'log_conversation' will send conversation summaries to the UPLO instance—decide what data may be logged and ensure classification/consent. 4) Prefer running the MCP server in an isolated environment or test tenant first. If possible, ask the skill author to (a) update registry metadata to list required config/env vars, (b) document exactly what is transmitted during log_conversation, and (c) pin the MCP package to a specific trusted version.Like a lobster shell, security has layers — review code before you run it.
latestvk97efd5qyxvt4c07g9195p4zdd834et5
License
MIT-0
Free to use, modify, and redistribute. No attribution required.