Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Clawstore
v0.1.1
Search, install, and publish OpenClaw agent packages from the Clawstore registry. Use when the user wants to find agents, install them, or publish their own.
by Saba Tchikhinashvili @saba-ch
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill name and description (search, install, publish OpenClaw agents) align with the runtime instructions (clawstore CLI commands: search, install, publish, login, etc.). The flows described (init, validate, pack, publish) are coherent with a package registry manager.
Instruction Scope
Instructions stay within the package-manager domain (scaffolding agent packages, inspecting tarballs, uploading to a registry, and using OAuth login). They reference local package files and the local OpenClaw workspace, which is expected. The instructions do assume the ability to run npm and a browser-based OAuth flow, but do not ask the agent to read unrelated system files or exfiltrate data.
Install Mechanism
Although the skill is instruction-only, SKILL.md tells the user to run 'npm install -g clawstore' (a global npm install). The skill metadata declared no required binaries, which is inconsistent — npm (and the installed CLI) are implicit requirements but not declared. Installing arbitrary third-party packages globally is a moderately high-risk operation if the package or its maintainer are untrusted; the SKILL.md provides no verified source link or guidance for vetting the npm package or its publisher.
Credentials
The skill declares no required env vars or primary credential. The SKILL.md relies on a browser-based GitHub OAuth login for publishing, which is a proportional and typical requirement for a publish flow and does not request hidden environment secrets. It does note that authentication persists across sessions — expected but users should be aware.
Persistence & Privilege
The skill is user-invocable, not always-on, and does not request system-wide configuration changes in its instructions. The only persistence mentioned is the CLI's authentication persistence across sessions (normal for a publish workflow).
What to consider before installing
This skill's functionality is coherent, but exercise caution before running the recommended npm install or logging in:
1) Verify the provenance of the 'clawstore' npm package (npmjs.org page, maintainer, repository link) and confirm the registry URL (useclawstore.com) is legitimate.
2) Prefer inspecting the package repository and its code before a global install; consider installing in a sandbox or using a container.
3) Avoid granting publish/login rights to services you don't trust—check what OAuth scopes are requested during 'clawstore login'.
4) If you plan to publish agents, inspect what the CLI will upload (use 'clawstore pack' and validate) so you don't accidentally publish secrets.
5) Note the SKILL metadata omitted required tooling (npm/cli) — make sure your environment and security policies permit installing and running third-party CLIs.
Like a lobster shell, security has layers — review code before you run it.
