Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Uplo Banking
v1.0.0AI-powered banking knowledge management. Search KYC records, regulatory reports, risk assessments, and loan processing documentation with structured extraction.
⭐ 0· 111·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill is clearly a UPLO/UPLO-like connector for banking knowledge (KYC/AML, regulatory records). That purpose legitimately requires an instance URL and an API key to talk to the UPLO MCP server — which appear in skill.json and README. However the registry metadata provided earlier claimed no required env/config/credentials; that is inconsistent with the included skill.json and README. Confirm which metadata is authoritative before trusting the skill.
Instruction Scope
SKILL.md instructs the agent to call mcporter commands (e.g., search_knowledge, search_with_context, export_org_context, log_conversation). Those commands are coherent with the stated purpose. Two operational notes: (1) SKILL.md assumes a local MCP/mcporter tool is available but the registry metadata did not declare required binaries — clarify this dependency; (2) the skill exposes actions that can export full organizational context and log conversations back to the MCP, which is expected for this connector but carries high sensitivity for KYC/SAR data and should be limited and audited.
Install Mechanism
There is no explicit install spec in the registry, which reduces disk-write risk, but skill.json includes an MCP launch command using 'npx -y @agentdocs1/mcp-server --http'. That means when the agent runs, it may fetch and execute an npm package at runtime. Downloading and executing code from npm is a moderate-risk install mechanism — verify the package name and publisher, prefer pinned versions, and review the package source before allowing execution.
Credentials
The skill requires a UPLO instance URL and an API key (skill.json config), which are proportionate to a knowledge-base connector. However, the API key grants access to extremely sensitive banking data (KYC, SARs, examinations). Ensure the provided API key is scoped to least privilege, time-limited if possible, and audited. Also resolve the discrepancy where registry metadata lists no required credentials.
Persistence & Privilege
The skill does not request always:true or other elevated persistent privileges, and there is no indication it modifies other skills or system-wide settings. Normal autonomous invocation is allowed (platform default).
What to consider before installing
Before installing or enabling this skill: (1) Verify the source and homepage — skill.json cites UPLO but registry metadata lacks a homepage; ask the publisher for a canonical source. (2) Confirm the required config: agentdocs_url and api_key are needed (contradiction with registry metadata). Only provide an API key that is scoped to the minimum necessary permissions, ideally read-only and time-limited, and ensure audit logs are enabled. (3) Review the npm package @agentdocs1/mcp-server (author, version, source repo) before allowing the agent to run npx and fetch code. Prefer pinned versions rather than '-y' dynamic fetches. (4) Be cautious about commands that export_org_context or log_conversation — these can contain highly sensitive PII and SAR-related material; restrict who can invoke them and consider testing in an isolated environment first. (5) If you cannot confirm the publisher or scope of the API key, do not install or provide credentials. If you want higher assurance, ask the publisher for a signed package, official documentation/homepage, and a minimal-scope service account for testing.Like a lobster shell, security has layers — review code before you run it.
latestvk97cv6e6t17xhb67m22936aqg98349wk
License
MIT-0
Free to use, modify, and redistribute. No attribution required.