Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Uplo Media

v1.0.0

AI-powered media knowledge management. Search content production records, licensing agreements, distribution data, and audience analytics with structured ext...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Suspicious
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, README, SKILL.md, and identity-patch all describe a media knowledge-management integration and the listed MCP tools (search_knowledge, search_with_context, get_directives, export_org_context, etc.) are coherent with that purpose. The skill requests access to an UPLO/MCP endpoint and API key in skill.json, which is appropriate for a connector to a hosted knowledge service.
Instruction Scope
Runtime instructions in SKILL.md are narrowly scoped to querying the organization's knowledge base and related directives (search_* calls, get_directives, log_conversation, propose_update, report_knowledge_gap). These actions align with the stated purpose but do involve reading and logging potentially sensitive org data (rights, contracts, talent compensation). The guidance to call 'log_conversation' and 'export_org_context' is useful but increases the sensitivity of the data that may be captured; the skill gives no details about retention, export destinations, or access controls for that data.
Install Mechanism
The skill has no formal install spec in the package registry summary, but skill.json / README instructs running an MCP server via 'npx -y @agentdocs1/mcp-server --http'. That means the agent will fetch and execute an npm package at runtime, and the '-y' flag suppresses npx's confirmation prompt, so the download and execution happen without any user interaction. Fetching and running a remote npm package is a moderate-to-high risk behavior unless the package and publisher are verified. There is no published homepage or authoritative source in the registry metadata with which to validate the package.
Credentials
skill.json declares two required config values: agentdocs_url (your UPLO instance URL) and api_key (MCP token). Those credentials are proportional to the skill's functionality. However, the registry metadata states 'no required env vars', which is inconsistent with skill.json. The skill's workflows (export_org_context, log_conversation) also imply access to broad organizational data; ensure the API key can be scoped minimally and that organization policies permit this access.
Persistence & Privilege
The skill is not forced-always (always:false) and is user-invocable (normal). It does declare an MCP server command that the agent may run to provide tools — this creates a local HTTP transport and effectively runs external code at runtime, but it does not request permanent platform-wide privileges or config changes. Autonomous invocation plus the provided API key would let the skill access org data when invoked; treat the API key as sensitive.
What to consider before installing
This skill appears to do what it says (media rights/production knowledge queries), but verify the following before installing:
1) Confirm the skill's source and publisher. There is no homepage or authoritative source listed in the registry; verify that the 'UPLO' identity and the npm package '@agentdocs1/mcp-server' are legitimate.
2) Use a scoped, least-privilege API key for your UPLO/MCP instance and confirm acceptable data access and retention policies (who can read exported org context and logged conversations).
3) Understand that the agent will run 'npx @agentdocs1/mcp-server', fetching and executing code from npm at runtime. If you cannot verify the package, do not install it, or run it only in an isolated staging environment.
4) Ask the publisher for an explicit privacy/data-retention statement and for the exact npm package checksums or a link to a canonical release (GitHub release or company domain) so the runtime artifact can be validated.
If you cannot validate the package and publisher or limit the API key scope, treat this skill as risky and do not install it in production.
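The Install Mechanism section and items 3 and 4 above come down to one concrete task: before an agent is allowed to run 'npx -y <package>', pin the tarball it will execute and check it against a value you obtained out of band. The following is an added example, not code from the scan report, from ClawHub, or from the skill's publisher. It verifies a tarball against an npm-style SRI integrity string (the 'sha512-<base64>' form npm records in dist.integrity and in lockfiles), confirms the manifest's name and version match what was pinned, and lists any install-time lifecycle scripts, since npm runs preinstall/install/postinstall/prepare automatically and those are where runtime code execution hides. The package name 'example-mcp-server', the manifests and the tarballs are all constructed here for the demonstration; in practice the pinned integrity value would come from your lockfile or from 'npm view <pkg> dist.integrity' on a trusted machine, not from the same download you are checking.

```python
"""Offline audit of an npm tarball before letting an agent run it via `npx -y`."""
import base64
import hashlib
import hmac
import io
import json
import tarfile

# When an SRI string carries several hashes, the SRI spec says to use the strongest one.
SRI_ALGOS = ("sha512", "sha384", "sha256")
# Lifecycle scripts npm runs on its own during install; each one executes arbitrary code.
INSTALL_SCRIPTS = ("preinstall", "install", "postinstall", "prepare")


def compute_sri(data: bytes, algo: str = "sha512") -> str:
    """Return the SRI string for `data`, e.g. 'sha512-<base64 digest>'."""
    digest = hashlib.new(algo, data).digest()
    return f"{algo}-{base64.b64encode(digest).decode('ascii')}"


def verify_sri(data: bytes, integrity: str) -> bool:
    """True only if `data` matches a hash of the strongest algorithm present in `integrity`."""
    by_algo: dict = {}
    for token in integrity.split():
        algo, _, b64 = token.partition("-")
        if algo in SRI_ALGOS:
            by_algo.setdefault(algo, []).append(b64)
    for algo in SRI_ALGOS:
        if algo in by_algo:
            actual = compute_sri(data, algo).split("-", 1)[1]
            return any(hmac.compare_digest(actual, exp) for exp in by_algo[algo])
    return False  # no usable hash at all: fail closed rather than trust the bytes


def read_manifest(tarball: bytes) -> dict:
    """Extract package/package.json from an npm tarball (npm always nests files under 'package/')."""
    with tarfile.open(fileobj=io.BytesIO(tarball), mode="r:gz") as tar:
        member = tar.getmember("package/package.json")
        return json.loads(tar.extractfile(member).read())


def lifecycle_scripts(manifest: dict) -> dict:
    """Return only the scripts npm would run automatically at install time."""
    scripts = manifest.get("scripts", {})
    return {k: v for k, v in scripts.items() if k in INSTALL_SCRIPTS}


def audit_tarball(tarball: bytes, expected_name: str, expected_version: str,
                  pinned_integrity: str) -> list:
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    if not verify_sri(tarball, pinned_integrity):
        findings.append("integrity mismatch: tarball differs from the pinned dist.integrity")
        return findings  # do not even parse an artifact whose bytes are already untrusted
    manifest = read_manifest(tarball)
    name, version = manifest.get("name"), manifest.get("version")
    if name != expected_name or version != expected_version:
        findings.append(f"manifest is {name}@{version}, expected {expected_name}@{expected_version}")
    for hook, cmd in lifecycle_scripts(manifest).items():
        findings.append(f"install-time script {hook!r} runs: {cmd}")
    return findings


def make_tarball(manifest: dict) -> bytes:
    """Build a minimal npm-style tarball in memory. Constructed sample, not a real package."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        payload = json.dumps(manifest).encode()
        info = tarfile.TarInfo("package/package.json")
        info.size = len(payload)
        tar.addfile(info, io.BytesIO(payload))
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed sample: a package whose manifest declares a postinstall hook.
    manifest = {"name": "example-mcp-server", "version": "1.0.0",
                "scripts": {"start": "node server.js", "postinstall": "node setup.js"}}
    tarball = make_tarball(manifest)
    # In practice `pinned` comes from a lockfile or `npm view` on a trusted host, not from this download.
    pinned = compute_sri(tarball)
    print(audit_tarball(tarball, "example-mcp-server", "1.0.0", pinned))
    print(audit_tarball(tarball[:-1] + b"\x00", "example-mcp-server", "1.0.0", pinned))
```

Once the tarball passes, run it from the verified local file ('npx -y ./example-mcp-server-1.0.0.tgz --http', for instance) rather than from the bare package name, so that what executes is the artifact you inspected and not whatever the registry serves at invocation time.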
