Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Uplo Legal
v1.0.0AI-powered legal knowledge management. Search contracts, compliance requirements, legal cases, and policy documents with structured extraction.
⭐ 0· 120·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (legal knowledge management) matches the toolset and commands (search_knowledge, search_with_context, export_org_context, get_directives). HOWEVER the registry metadata supplied to the scanner lists no required env vars or credentials while skill.json declares two required config items (agentdocs_url and api_key). That mismatch is unexpected and should be resolved — the API key and instance URL are plausible and proportional for this purpose, but their omission from the published metadata is an incoherence.
Instruction Scope
SKILL.md instructs the agent to call mcporter commands to fetch identity context, run searches, export full org context, and log conversations. All of these fall inside a legal-knowledge connector's responsibilities. Still, export_org_context and log_conversation can yield large or sensitive data — the instructions do not place explicit limits on exports or logging destinations. The SKILL.md also assumes an MCP endpoint configured via mcporter; it does not show safeguards for preventing unintended export of confidential data.
Install Mechanism
There is no separate install spec in the registry, but skill.json's mcp block runs 'npx -y @agentdocs1/mcp-server --http' at runtime. That means the agent will fetch and execute an npm package via npx when the MCP is launched. Downloading and running code from npm is a moderate risk (traceable but not pre-reviewed). The package name and origin should be verified; the skill does not embed a reproducible release or pinned checksum.
Credentials
skill.json requires agentdocs_url and api_key (an MCP token) which are appropriate for connecting to an UPLO instance. That is proportionate to the stated purpose. But the public registry metadata omitted these requirements; SKILL.md does not declare or show how secrets are managed. API keys grant access to organizational data and must be scoped/rotated — the skill provides no guidance on least privilege or token scopes.
Persistence & Privilege
The skill is not always: true and does not request system-wide changes. Autonomous invocation is allowed (platform default) but not combined with an 'always' flag or other elevated privileges. There is no evidence it modifies other skills' configs.
What to consider before installing
Before installing: (1) Confirm the required configuration (agentdocs_url and api_key) with the skill publisher — the registry listing incorrectly showed no required creds. (2) Verify the destination for the API key is a trusted UPLO instance and limit its scope/ttl. (3) Inspect or vendor-check the npm package @agentdocs1/mcp-server (it will be fetched via npx at runtime); prefer a pinned version/checksum or an audited distribution. (4) Consider restricting use of 'export_org_context' and 'log_conversation' to trusted, audited sessions (these can export sensitive data). (5) Test the skill in a sandboxed environment with non-production credentials first, and ask the publisher to add explicit export safeguards and to correct the published metadata.Like a lobster shell, security has layers — review code before you run it.
latestvk979t0b3smwww8vh43sq40ckfx834tw2
License
MIT-0
Free to use, modify, and redistribute. No attribution required.