Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
cascadeflow: Cost + Latency Reduction
v1.1.1OpenClaw-native domain cascading. Use when users need cost/latency reduction via cascading, domain-aware model assignment, OpenClaw-native event handling, an...
⭐ 3· 637·1 current·1 all-time
bySascha Buehrle@saschabuehrle
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name and description claim cascading/drafter-verifier routing for cost/latency reduction. The SKILL.md exclusively documents installing a Python package (cascadeflow), configuring provider presets (OpenAI/Anthropic), and running a local server — all consistent with the stated purpose.
Instruction Scope
Runtime instructions focus on installing the cascadeflow package, starting a local OpenAI-compatible server, and configuring OpenClaw provider settings. The only in-scope data accesses described are reading OpenClaw payload metadata (metadata.method/event/channel) and provider keys, which are appropriate for domain-aware routing. The instructions do not request arbitrary host/system file reads or unrelated credentials.
Install Mechanism
Install is via pip from PyPI (python -m pip install "cascadeflow[openclaw]>=0.7,<0.8"). This is expected for a Python provider but carries the usual PyPI risks (supply-chain/backdoored package). The SKILL.md sensibly recommends verifying the wheel hash and keeping the server bound to localhost; that reduces risk but does not remove it. No download-from-arbitrary-URL or extract steps are present.
Credentials
SKILL.md and reference docs clearly require provider credentials (OPENAI_API_KEY, ANTHROPIC_API_KEY) and service tokens (auth-token, stats token). However the skill registry metadata shows "Required env vars: none" and "Primary credential: none" — an inconsistency. The credentials requested by the runtime are proportionate to the purpose, but the omission from listing metadata is a meaningful mismatch that could mislead users about what secrets they must supply.
Persistence & Privilege
The skill has no install spec and is instruction-only; it does not request always:true nor does it instruct modifying other skills or system-wide settings. It suggests running a local service and using auth tokens; this is normal for a provider integration and not excessive.
What to consider before installing
This skill appears to be what it claims (a local CascadeFlow OpenClaw provider) but there are a few things to check before installing: 1) Listing metadata mismatch — the SKILL.md expects provider API keys (OPENAI_API_KEY, ANTHROPIC_API_KEY) and auth tokens, yet the registry metadata claims no required env vars. Ask the publisher to correct the listing so required secrets are explicit. 2) Verify the PyPI package before running it: follow the SKILL.md advice to download the wheel, hash it, and inspect the source or the GitHub repo (https://github.com/lemony-ai/cascadeflow). Prefer installing in an isolated virtualenv or sandbox. 3) Use the suggested safe defaults: bind to localhost, require long random auth tokens for the /v1 endpoints, and put any remote deployments behind TLS + reverse proxy. 4) Limit provider API keys to least-privilege/test keys during evaluation; do not use production keys until you have reviewed package source and network behaviour. 5) If you intend to expose the service remotely, validate the stats/auth-token separation and confirm no unintended endpoints are exposed. If you want higher assurance, request an explicit listing update (declare required env vars) and/or a reproducible release artifact (signed release or pinned Git tag) before installing.Like a lobster shell, security has layers — review code before you run it.
latestvk976y89y21nkhgqgqf0ppx3kpd82r60v
License
MIT-0
Free to use, modify, and redistribute. No attribution required.