Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Uplo Hospitality
v1.0.0AI-powered hospitality knowledge management. Search guest service standards, property procedures, F&B operations, and event planning documentation with struc...
⭐ 0· 71·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The SKILL.md, README, and skill.json consistently describe a knowledge-search/GraphRAG service for hospitality and the declared MCP capabilities (search_knowledge, search_with_context, export_org_context, get_directives, etc.) align with that purpose. However, the registry summary at the top said 'Required env vars: none' while skill.json declares two required config fields (agentdocs_url and api_key). This metadata mismatch is noteworthy and could confuse deployers about what secrets will actually be needed.
Instruction Scope
The runtime instructions are scoped to querying the UPLO knowledge base and related actions (search, export, find owner, log conversation). These map to the skill purpose. Important caveats: export_org_context can return an entire organizational blueprint and log_conversation sends summaries (possibly sensitive) to the service — both are legitimate for a knowledge-management skill but are high-sensitivity actions. SKILL.md does not instruct the agent to read local files or unrelated system data, which is good.
Install Mechanism
Although the registry lists 'instruction-only', the README and skill.json indicate the MCP runtime will be launched via npx @agentdocs1/mcp-server --http. That implies the agent will fetch and run code from npm at runtime. The skill package @agentdocs1/mcp-server is not a well-known, pre-reviewed system download in this context and will execute code fetched from the public registry. This is standard for MCP-style skills but increases risk: verify the npm package publisher and package contents before allowing runtime installs.
Credentials
skill.json requires agentdocs_url and api_key (MCP token) which are appropriate for connecting to an external UPLO instance; these are proportionate to the stated functionality. However the registry metadata claimed no required env vars — a mismatch. Also, the api_key will grant the skill access to potentially large amounts of proprietary org data (including exports and directives), so ensure the token's scope is limited and you trust the UPLO endpoint before providing credentials.
Persistence & Privilege
The skill is not marked always:true and uses the default of allowing autonomous invocation (normal). The skill does not request system-wide config modification or access to other skills' credentials. Its MCP transport is HTTP to the configured UPLO instance, which is expected for a remote knowledge service.
What to consider before installing
This skill appears to do what it claims (connect to a UPLO hospitality knowledge service), but take these precautions before installing: 1) Verify the publisher and the UPLO instance URL (agentdocs_url) — only point to a trusted, internal/official instance. 2) Review the npm package @agentdocs1/mcp-server (publisher, version, and source) if your agent will run npx to fetch it; prefer pinned, audited releases. 3) Provide an API key with the minimum necessary scope and rotate/revoke it after testing. 4) Be aware export_org_context and log_conversation will transmit potentially sensitive organizational data—test on non-production data first and confirm retention/usage policies with the provider. 5) Resolve the metadata mismatch (registry showing no required env vars vs skill.json requiring config) before provisioning credentials so you know exactly what will be sent to the service.Like a lobster shell, security has layers — review code before you run it.
latestvk971qvpyf5xj26sqfahf6wg6f9839ewx
License
MIT-0
Free to use, modify, and redistribute. No attribution required.