Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Uplo Government

v1.0.0

AI-powered government knowledge management. Search policy documents, regulatory filings, public records, and inter-agency coordination data with structured e...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The skill claims to provide UPLO-backed government knowledge access, which legitimately requires an UPLO instance URL and an API key; those appear in skill.json and README. However the registry metadata above lists no required env vars or primary credential — that's an inconsistency between the claimed purpose and the declared requirements in the registry.
Instruction Scope
SKILL.md uses only high-level MCP-style commands (search_knowledge, search_with_context, get_directives, etc.) and emphasizes classification handling; it does not instruct the agent to read arbitrary local files or exfiltrate data. That scope is appropriate for a knowledge connector. However the instructions assume an MCP connection to an external UPLO instance (implying network calls) and the identity-patch further instructs the agent to treat UPLO as the authoritative source.
! Install Mechanism
The skill was presented as instruction-only in the registry, but skill.json and README show an MCP server run via `npx -y @agentdocs1/mcp-server --http`. That implies dynamic download/execution of an npm package at runtime (moderate-to-high risk relative to instruction-only). The registry contains no formal install spec to surface this. Confirm the @agentdocs1 package and its source before running npx.
Credentials
skill.json legitimately requires `agentdocs_url` and a secret `api_key` (UPLO MCP token) which are proportionate to connecting to an external knowledge service. The problem is the top-level registry reported no required env vars — a metadata omission that could lead to unexpected prompts for secrets at install/run time. No other unrelated credentials are requested.
Persistence & Privilege
The skill does not request always:true and does not modify other skills. Autonomous model invocation is enabled (platform default). The MCP server approach may start a local process (via npx) but there is no indication the skill attempts to persistently install itself beyond that.
What to consider before installing
This skill appears to be a UPLO connector and will need an UPLO instance URL and an API key, and it expects to run an MCP server via `npx @agentdocs1/mcp-server`. Before installing:

1) Confirm the skill author and homepage (none provided here); verify the npm package name (@agentdocs1/mcp-server) is the official vendor and inspect its source or release page.
2) Treat the API key as sensitive: use a scoped, least-privilege token and avoid using a high-privilege org key in an untrusted environment.
3) Because the skill dynamically fetches code with npx, run it first in an isolated/test environment and audit the package.
4) Resolve the metadata mismatch (registry shows no required env vars but skill.json requires them) — ask the publisher to correct the manifest so you know upfront what secrets and network endpoints will be used.
5) If handling classified or sensitive documents, ensure the configured UPLO endpoint and the agent environment meet your organization's classification and network policies.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dr5xgeds8ctyqas22kkf7m9839na2
