Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

stealth-break

v1.0.0

A healthy slacking-off skill: it provides discreet rest strategies and scheduled reminders, pushed via macOS system notifications, to help relieve work stress, eye strain and lower-back problems, and to prevent death from overwork.

by ryan987123@ryan-qianchen

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious (see report)
OpenClaw: Suspicious, medium confidence

Purpose & Capability (flagged)
The skill claims macOS system notifications as its delivery mechanism, and all of its runtime instructions target macOS (osascript); however, the skill metadata lists no OS restriction. Additionally, the package.json and README mention an install flow (npx clawhub install) and a repository URL, while the registry entry and install spec are absent: a package.json without an install spec is an inconsistency. These mismatches mean the declared metadata does not fully match what the skill actually requires and expects.
Instruction Scope
SKILL.md restricts actions to giving break recommendations and setting reminders via cron and osascript. It does not instruct the agent to read user files or access credentials. However, it explicitly instructs the agent to create cron jobs and to use exec to run osascript (i.e., to run shell commands on the user's machine). This is within the stated purpose but has side effects: it modifies the crontab and spawns OS-level commands.
Install Mechanism
No install spec is present and there are no code files to execute; the skill is instruction-only, which is low-risk from an install-mechanism perspective. Note that package.json and README mention an install command (npx clawhub install) despite the absence of an install spec: an inconsistency, but not an active installer in the bundle.
Credentials
The skill requests no environment variables, no credentials, and references no config paths. Runtime behavior (osascript + cron) does not require extra secrets, so requested privileges are proportionate to purpose.
Persistence & Privilege (flagged)
The instructions ask the agent to create cron tasks to schedule notifications. That modifies the user's crontab and persists across reboots. Although 'always' is false and the skill does not claim elevated privileges, the persistence and the modification of the user's crontab deserve explicit user consent and inspection before being applied.
What to consider before installing
This skill appears to do what it says (provide break suggestions and schedule macOS notifications), but take these precautions before installing it or allowing it to run commands:
- Confirm you are on macOS. The skill's notifications use osascript; it will fail or do nothing on other OSes. The skill metadata does not restrict OS, so verify platform compatibility.
- Review and approve any cron entries before they are written. Creating cron jobs is persistent and edits your crontab; back up your crontab (crontab -l > backup.txt) and inspect new lines.
- When the agent proposes shell commands (cron or osascript), don't let it run them blindly; copy them and run them manually if you prefer.
- The package.json/README mention an npx install and a repository URL, but no install spec is present in the bundle. Verify the skill's source and distribution channel (who published it, and whether the repository is trustworthy) before using automated installers.
- If you want automatic scheduling, prefer explicit, minimal cron entries that only call osascript with static, reviewed strings. Avoid giving the skill blanket permission to execute arbitrary shell commands.
If you want, I can (a) extract the exact cron lines and osascript commands the skill would create so you can inspect them, or (b) produce step-by-step manual instructions to set up the reminders yourself without granting the agent permission to edit your crontab.



