ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Webtop Galim

v0.1.2

Check, monitor, and summarize student homework/tasks from Webtop (SmartSchool), Galim Pro, and Ofek. Use when the user asks to inspect homework, pending task...

0· 52·0 current·0 all-time
by@shaike1·fork of @shaike1/ofek-galim (0.1.3)
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The scripts legitimately need student portal credentials and (for calendar sync) a Google service-account JSON to do what the description says. However the registry metadata claims 'Required env vars: none' and 'Required binaries: none' which is incorrect. The skill also calls an external webtop fetcher at /root/.openclaw/skills/pywebtop-skill/webtop_homework_fetcher.py (not included) — referencing another skill/repo outside the bundle. That discrepancy between declared requirements and actual needs is concerning.
!
Instruction Scope
SKILL.md and the wrapper instruct the agent to load environment files under /root/.openclaw/workspace/.env/*, run Playwright-based scrapers against Ministry of Education SSO portals, and optionally sync events to Google Calendar. The runtime instructions and scripts read student usernames/passwords, build OFEK_KIDS_JSON, and call Google Calendar APIs. They also rely on an external script path for Webtop. The instructions therefore access sensitive credentials and system paths not declared in the registry and reference files outside the package.
!
Install Mechanism
There is no declared install spec in registry (instruction-only), but the repo includes an install.sh that only creates an env template. The code relies on third-party Python packages (Playwright, google-auth, google.oauth2, etc.) and a Playwright-capable runtime, none of which are declared in registry install metadata. Also the Webtop fetcher is an external script path not bundled here — dependency on another local skill/repo increases risk/fragility.
!
Credentials
The code expects many sensitive environment values and files: student usernames/passwords for multiple children (GALIM_* and OFEK_*), OFEK_KIDS_JSON, GOOGLE_SA_FILE (service-account JSON), OFEK_GALIM_CALENDAR_ID, OFEK_GALIM_WHATSAPP_GROUP. The registry listed none. Requesting Ministry-of-Education student IDs & passwords and a Google service-account file is proportionate to the stated calendar-sync and scraping purpose, but the omission from metadata and the large number of secrets required (including a full Google SA JSON file) is a significant practical and security concern that should be explicit to users.
Persistence & Privilege
The skill is not always:true and does not request forced persistent installation. It does expect to read local env files and (for calendar sync) a local service-account JSON under ~/.openclaw/workspace/.secrets — these are local credentials with broad privileges if misconfigured. Autonomous invocation is allowed by default (platform default); combine that with the broad local credential usage and you should be cautious about enabling autonomous runs.
What to consider before installing
This package contains working scrapers and a calendar-sync that match the description, but the registry metadata incorrectly says no environment or binaries are required. Practical points before installing or enabling: 1) The scripts require student portal usernames/passwords (GALIM_* and OFEK_*) and a Google service-account JSON (GOOGLE_SA_FILE) to sync calendars — treat these as highly sensitive and do not reuse high-privilege accounts. 2) The repo needs Python dependencies (Playwright and Google auth libraries) and a Playwright-capable environment; these are not declared in the registry. 3) The webtop fetch step references an external script path (/root/.openclaw/skills/pywebtop-skill/webtop_homework_fetcher.py) that is not bundled here — inspect that file before use. 4) The install.sh only creates an env template; there is no safe automated install from a trusted release host. 5) If you proceed: run the scripts in an isolated environment, create a dedicated, least-privilege Google service account scoped only to the calendar you intend, store child credentials securely (not in version control), prefer dry-run sync (--dry-run), and inspect all referenced external files. Because the package hides its true required credentials/deps in SKILL.md and code (not registry metadata) treat this as suspicious until you verify provenance and dependency/credential setup.

Like a lobster shell, security has layers — review code before you run it.

calendarvk977n3npjmh5tvhtpb26rsznz583t9ksclaude-codevk977n3npjmh5tvhtpb26rsznz583t9kseducationvk977n3npjmh5tvhtpb26rsznz583t9kshomeworkvk977n3npjmh5tvhtpb26rsznz583t9kslatestvk977n3npjmh5tvhtpb26rsznz583t9ksparentsvk977n3npjmh5tvhtpb26rsznz583t9kswhatsappvk977n3npjmh5tvhtpb26rsznz583t9ks

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments