Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Workflow Automation (Alex)
v1.0.0Automate repetitive development tasks and workflows. Use when creating build scripts, automating deployments, or setting up development workflows. Handles np...
⭐ 0· 9·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill claims to automate builds/deployments but the registry metadata lists no required binaries or credentials. The runtime instructions, however, assume Node.js, npm, docker/docker-compose, ssh, and other tools — which are not declared. That's an incoherence: the skill needs system tooling and remote access for deployments but does not declare them.
Instruction Scope
SKILL.md instructs the agent/user to run scripts that modify local files (.env copy), run docker-compose, run database migrations, optionally seed data, and execute remote SSH commands to production/staging. It also contains destructive 'rm -rf' usages for cleaning. These actions are within 'workflow' scope but have side effects and require secrets/credentials that the skill does not declare or constrain.
Install Mechanism
This is an instruction-only skill with no install spec and no code files for the platform to install. That is low-risk in terms of arbitrary code being downloaded by the installer.
Credentials
requires.env is empty, yet the scripts clearly expect SSH access to remote hosts and a local .env file that may contain secrets. The skill does not declare any primary credential or environment variables, so credentials are implicit (SSH keys, DB credentials in .env). This lack of explicit credential declaration is disproportionate to safe usage and hides required privileges.
Persistence & Privilege
The skill does not request permanent presence (always:false) and does not modify other skills or system-wide agent settings. Autonomous invocation is allowed (platform default) but not by itself a red flag here.
What to consider before installing
This skill mostly does what it says (create npm scripts, Makefile, GitHub Actions, and helper scripts) but has several things you should check before using it:
- Review the scripts line-by-line. They contain 'rm -rf' (clean/reset) and other destructive commands — confirm these are acceptable for your repo and that backups exist.
- The skill does not declare required tools or credentials, yet scripts assume Node/npm, docker/docker-compose, ssh access to 'production'/'staging', and a .env file with secrets. Make sure you understand and control the SSH keys and any secrets in .env before running.
- The SKILL.md includes a 'MUST NOT' constraint forbidding destructive commands but the provided scripts use rm -rf; this internal contradiction should be resolved by the author.
- Run these scripts in a safe sandbox or a disposable environment the first time (not on a production machine). For deploy.sh, verify the exact SSH targets and commands and consider using a CI/CD system with least-privilege credentials rather than running SSH deploys from your workstation.
If the author can (a) declare the required binaries and environment variables explicitly, (b) remove or make destructive commands optional and documented, and (c) clarify how deployment credentials are provided/used, this would reduce the risk and likely move the skill toward 'benign.'Like a lobster shell, security has layers — review code before you run it.
automationvk974ek7g11ffy9e2z4zp7zr71184nyqvdevopsvk974ek7g11ffy9e2z4zp7zr71184nyqvlatestvk974ek7g11ffy9e2z4zp7zr71184nyqvscriptsvk974ek7g11ffy9e2z4zp7zr71184nyqvworkflowvk974ek7g11ffy9e2z4zp7zr71184nyqv
License
MIT-0
Free to use, modify, and redistribute. No attribution required.