Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Jentic
v1.1.3
Call external APIs through Jentic — AI agent API middleware. Use whenever you need to interact with external APIs (Gmail, Google Calendar, GitHub, Stripe, Tw...
by Sean Blanchfield (@seanblanchfield)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
Name/description ask the agent to call external APIs through a broker. The declared env vars (JENTIC_URL, JENTIC_API_KEY) and primary credential match the documented broker usage and are proportional to the described functionality.
Instruction Scope
SKILL.md stays within the broker-client role (search, inspect, proxy-execute via Jentic). It also includes an interactive installation flow that tells the agent/user to run Docker commands, possibly run curl|sh installers, and to create/read a workspace TOOLS.md describing trust rules. These activities are plausible for setup but expand scope to host-level operations (Docker, droplet setup) — the doc warns about security boundaries, but the install steps should be run deliberately by the user, not blindly by an agent.
Install Mechanism
No registry install spec (instruction-only), which is lower risk. However the instructions recommend running external scripts (get.docker.com via curl|sh and a raw.githubusercontent.com setup script) and pulling Docker images from Docker Hub — standard but moderately risky if executed without review. The skill itself does not auto-download or execute code in the registry.
Credentials
Only two env vars are required (JENTIC_URL and JENTIC_API_KEY). Both are justified: one to reach the broker and one API key to authenticate. The SKILL.md explicitly disallows requesting human passwords or human session cookies, which aligns with the stated trust model.
Persistence & Privilege
always:false and no install-time artifact in the registry. The skill recommends writing trust rules into workspace TOOLS.md at install time — modifying workspace config is reasonable for this purpose but should be done consciously by the user. Important: running Jentic on the same host grants the agent high privilege (Docker access), which the doc warns about; do not place the broker on the same machine in production.
Assessment
This skill appears to be what it claims: a broker client that requires JENTIC_URL and JENTIC_API_KEY. Before installing or following setup steps:
1) Prefer self-hosted Jentic Mini on a separate machine (not the agent host) to keep a strong trust boundary.
2) Do not hand the agent host-level access (Docker socket, root) — that would let it bypass the human approval step.
3) Review any scripts before running them (the docs suggest curl|sh from get.docker.com and raw.githubusercontent.com).
4) Verify the JENTIC_URL points to a broker you control or trust — a malicious broker could exfiltrate or forward requests.
5) Never provide your human account password or session cookies to the agent; follow the documented access-request/approval workflow.
If you want higher assurance, ask for an install spec or signed release artifacts for the components the skill recommends installing.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
⚡ Clawdis
Env: JENTIC_URL, JENTIC_API_KEY
Primary env: JENTIC_API_KEY
