Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Prefy
v1.0.0Connect to Prefy AI platform — Conductor API (19 models, OpenAI-compatible), server management, web search, image generation, phone calls (AutoCall). Use whe...
⭐ 0· 315·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill claims to connect to the Prefy platform (chat, search, images, servers, AutoCall). The SKILL.md shows it needs a Prefy API key (PREFY_API_KEY / pc_...), a Supabase JWT for server/agent APIs, and implies integration with Stripe and third-party audio providers. However, the registry metadata lists no required environment variables or primary credential. Declaring no credentials is inconsistent with the documented usage and credential patterns in SKILL.md.
Instruction Scope
SKILL.md provides concrete API endpoints and sample payloads and stays within the described Prefy capabilities. It does, however, document server management 'agent commands' that include 'shell <cmd>' (remote shell execution on provisioned servers) and creating Stripe checkouts, which are high-privilege actions. The instructions do not ask the agent to read local files or unrelated system state, but they do enable potentially dangerous remote operations if invoked with credentials.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing will be written to disk or downloaded at install time. That minimizes install-time risk.
Credentials
The SKILL.md expects secret credentials (Prefy API key, Supabase JWT) and hints at Stripe usage and third-party audio services, but the skill metadata lists none. Requiring multiple secrets for different subsystems (API, auth for server agents, payment) is plausible for the described functionality but must be explicitly declared; the omission is a proportionality and transparency issue. Any required tokens would grant significant access (API calls, server control, payment flow).
Persistence & Privilege
The skill is not marked always:true and is user-invocable with normal autonomous invocation settings. It does not request persistent presence or modifications to other skills. That privilege level is typical for an integration skill.
What to consider before installing
The skill appears to document genuine Prefy API endpoints, but the metadata fails to declare the secret keys the SKILL.md clearly expects. Before installing or enabling this skill: 1) Ask the author to explicitly list required environment variables (e.g., PREFY_API_KEY, SUPABASE_JWT, any Stripe keys) in the skill manifest. 2) Only provide the minimum-scoped credentials necessary (use per-skill API keys or short-lived tokens if possible). 3) Be cautious about granting server-agent JWTs or payment credentials — these enable remote shell commands and creating payment checkouts. 4) Verify the official Prefy documentation and TLS endpoints (https://prefy.com/docs) and confirm the skill's source/maintainer identity. 5) If you must test, do so in an isolated account or sandbox environment with limited privileges. If the author cannot justify the undeclared credentials, treat the skill as untrusted.Like a lobster shell, security has layers — review code before you run it.
latestvk97bav6ta16440k5e1jz25kz5x82492b
License
MIT-0
Free to use, modify, and redistribute. No attribution required.