Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Uplo Food Safety

v1.0.0

AI-powered food safety knowledge management. Search HACCP plans, FDA compliance records, traceability documentation, and quality control data with structured...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (food safety knowledge mgmt) align with the capabilities exposed (search_knowledge, search_with_context, get_directives). Requesting an UPLO instance URL and an API key (in skill.json and README) is proportional for a knowledge-base connector. However, the registry metadata claimed 'Required env vars: none' while skill.json declares required config (agentdocs_url and api_key) — that's an incoherence.
Instruction Scope
SKILL.md limits runtime actions to querying the UPLO knowledge base (search_knowledge, search_with_context, get_directives, etc.) and calling identity/context helpers. It does not instruct reading arbitrary host files or unrelated credentials. The identity-patch directs the agent to prefer UPLO-sourced answers, which is consistent with the skill's purpose but should be noted as behavior that biases responses toward the connected knowledge base.
Install Mechanism (warning)
There is no formal install spec in the registry, but README and skill.json indicate the connector runs via 'npx @agentdocs1/mcp-server --http' (i.e., fetching and running an npm package at runtime). Downloading/executing an npm package from the public registry is moderate risk and should be verified (publisher, package contents, integrity). The absence of an official install entry in the manifest while documentation instructs using npx is an inconsistency that increases risk.
Credentials (warning)
skill.json requires two config items: agentdocs_url (URL) and api_key (secret). Those are reasonable for a connector to an external knowledge service. The problem is that registry metadata earlier reported 'none' for required env vars/config, creating an expectation mismatch — users may be surprised to be prompted for an API key. No unrelated secrets are requested, but verify that the API key is scoped/minimal.
Persistence & Privilege
The skill does not request always:true and is user-invocable only. The identity-patch biases agent behavior toward UPLO data but does not request system-level persistence or modification of other skills. Autonomous invocation is allowed (platform default) but not escalated here.
What to consider before installing
This skill appears to be a legitimate connector to a UPLO knowledge service, but there are mismatches and a remote install step to watch for. Before installing:
1) Expect to provide a UPLO instance URL and an API key even though the registry metadata said 'none' — confirm where those credentials come from and that the API key is appropriately scoped.
2) Verify the npm package '@agentdocs1/mcp-server' (publisher, npm page, recent versions) before allowing the agent to run npx to fetch it — npx will download and execute remote code.
3) Confirm the skill's publisher/source and, if possible, a homepage or source repo (none listed) to validate authenticity.
4) Consider limiting the API key's privileges and testing in a sandbox environment with non-sensitive data.
If you cannot verify the package or publisher, treat this skill as higher risk and avoid providing org credentials.


latest · vk973mnmc4ccy2r81k47wt6c3wh839z6d
