Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Firecrawl Local

v1.0.0

Use this skill whenever you need to scrape web pages, crawl websites, or map site structure using a self-hosted Firecrawl instance. Triggers on requests to e...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (integrate with a self-hosted Firecrawl) aligns with the included run.sh and the SKILL.md: the script performs health checks and calls /v1/map, /v1/scrape, and /v1/crawl as expected. However, the registry metadata declares no required binaries or env vars, while the SKILL.md and run.sh require curl, jq and optionally FIRECRAWL_LOCAL_URL and FIRECRAWL_API_KEY; this omission is an inconsistency in the manifest.
Instruction Scope
The runtime instructions and script stay within scope: they only interact with the Firecrawl HTTP API (default localhost:3002), perform polling, and output JSON. They do not attempt to read arbitrary system files or access other services. Note: because FIRECRAWL_LOCAL_URL can be set, the script can be pointed at a remote host (which is a legitimate feature but increases risk if misconfigured).
Install Mechanism
There is no automated install spec (instruction-only plus a supplied run.sh), so the risk of hidden downloads is low. The SKILL.md asks the user to copy run.sh into ~/.openclaw/skills/... manually and mark it executable; this is reasonable but requires the user to perform the file write/permission step themselves.
Credentials
The script uses optional env vars FIRECRAWL_LOCAL_URL and FIRECRAWL_API_KEY and expects curl/jq to be present, but the skill's registry metadata lists none of these requirements. The FIRECRAWL_API_KEY (if set) is sent as a Bearer token to the target service — this is appropriate for auth but the missing declaration in metadata means automated permission/credential reviews might miss it.
Persistence & Privilege
The skill is not marked always:true, does not request persistent system-wide changes, and contains no code that modifies other skills or global agent settings. It requires the user to place the script in their skills directory manually.
What to consider before installing
This skill appears to implement a legitimate local Firecrawl client, but the manifest omits practical requirements. Before installing: (1) inspect run.sh yourself (it's included) and only install if you trust it, (2) ensure curl and jq are installed, (3) confirm whether you need to set FIRECRAWL_LOCAL_URL — avoid pointing it to untrusted remote hosts, (4) if your Firecrawl uses auth, store FIRECRAWL_API_KEY securely (do not paste it into untrusted places), (5) ask the publisher/registry to update metadata to list required binaries and optional env vars so automated checks don't miss them. If you cannot verify the publisher or don't want to risk misconfiguration (e.g., accidentally pointing the skill at a remote endpoint), treat it as untrusted.

Like a lobster shell, security has layers — review code before you run it.
