Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Resilient File Delivery
v1.0.0 · Deliver files via multi-channel fallback (Telegram, Discord, Google Drive, S3, IPFS) with automatic retries, chunking, integrity checks, and delivery tracking.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw · Verdict: Suspicious (medium confidence)

Purpose & Capability
SKILL.md and README describe multi-channel delivery (Telegram, Discord, Google Drive, S3, IPFS), which legitimately requires service credentials and client libraries. However, the skill package contains no implementation files (no index.js or other code), yet package.json advertises a main entry and the docs instruct the user to run npm/pip installs. The skill bundle does not declare or request the credentials it clearly needs. The explicit claim to 'Bypass sandbox restrictions' is particularly concerning and not justified by a normal file-delivery use case.
Instruction Scope
The SKILL.md acts like library docs but also instructs agent operators to install external packages and shows code that would read local filesystem paths (file: '/path/to/file.zip') and send them to external platforms. Those instructions enable reading and transmitting local files to third parties. The guidance to 'bypass sandbox restrictions and email blocks' suggests evasion behavior beyond legitimate delivery and could be abused for data exfiltration.
Install Mechanism
There is no install spec in the skill bundle (instruction-only), which is lower risk by itself, but SKILL.md explicitly tells users to run 'npm install resilient-file-delivery' or 'pip install resilient-file-delivery' — i.e., to fetch and execute external packages. The bundle itself lacks the implementation files referenced in package.json, so the only way to obtain functionality would be to fetch code from external registries/repos at runtime. That external fetch increases risk because arbitrary third-party code would be installed and run.
Credentials
The skill declares no required environment variables or credentials, yet its features and README configuration clearly need tokens/credentials (Telegram BOT_TOKEN, Discord WEBHOOK_URL, Google Drive creds.json, S3 keys, IPFS gateway). This mismatch means the skill as packaged does not declare the sensitive access it requires — a red flag for potential credential misuse or unclear requirements. The README also suggests storing credentials in files (creds.json) which could encourage insecure handling.
Persistence & Privilege
The skill does not request 'always: true' and is user-invocable; model invocation is allowed (default). Autonomous invocation is normal for skills, but given the other red flags (undeclared credentials, evasion language, external installs), allowlisted/autonomous execution would increase risk — verify carefully before enabling autonomous runs.
What to consider before installing
This skill raises multiple red flags. Before installing or using it:
(1) Do not run the suggested npm/pip install on a production host. The bundle provides no code, so the install would have to fetch external packages of unknown provenance.
(2) Ask the publisher for the actual source code, or verify the GitHub repo, and confirm the package contents match the docs (look for index.js and the implementation that package.json's main entry points at).
(3) Be wary of the phrase 'bypass sandbox restrictions'. It indicates evasive behavior and possible misuse for exfiltration.
(4) If you need this capability, run any tests in an isolated environment, and provide only least-privilege, short-lived API keys/tokens.
(5) Require the author to list precisely which credentials are needed and how they are used; if they cannot justify them, do not install.
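The checks behind items (2) and (5), together with the install-command and evasion-phrase findings in the scan sections above, can be scripted against a downloaded bundle before anything is installed. The script below is an added example, not ClawHub/OpenClaw code and not from the skill's author. The bundle it audits is constructed inline (a package.json whose main points at an index.js that is not in the bundle, and a SKILL.md with install commands, credential names and evasion wording), the credential-name patterns are a heuristic of my own, and the set of declared credentials is passed in by the caller because the manifest field that declares them varies by skill format.

```python
"""Audit a skill bundle's docs and manifest before installing it.

Added example (not ClawHub/OpenClaw code). It automates the mismatches the
scan reports: does package.json's "main" file exist in the bundle, do the docs
tell the operator to pull code from npm/pip, which credential-looking settings
do the docs mention that the bundle never declares, and does the text carry
sandbox-evasion language. The caller supplies the set of declared credentials,
since the manifest field that declares them is format-specific (assumption).
"""
import json
import re
import tempfile
from pathlib import Path

# Commands that would fetch and run code from an external registry.
INSTALL_RE = re.compile(r"\b(?:npm|pnpm|yarn|pip3?)\s+(?:install|add|i)\s+\S+")
# Heuristic for credential-looking settings (assumption, tune to your docs).
CRED_RE = re.compile(
    r"\b[A-Z][A-Z0-9_]*_(?:TOKEN|KEY|KEY_ID|SECRET|URL|PASSWORD)\b|\bcreds\.json\b"
)
EVASION_RE = re.compile(r"\bbypass\s+(?:sandbox|email)\b", re.IGNORECASE)
DOC_NAMES = ("SKILL.md", "README.md")


def audit_bundle(root, declared=frozenset()):
    """Return the mismatches found in the bundle directory at `root`."""
    root = Path(root)
    findings = {
        "missing_main": None,
        "external_installs": [],
        "undeclared_credentials": [],
        "evasion_phrases": [],
    }
    pkg_path = root / "package.json"
    if pkg_path.is_file():
        main = json.loads(pkg_path.read_text(encoding="utf-8")).get("main")
        # A "main" entry with no file behind it means the code lives elsewhere.
        if main and not (root / main).is_file():
            findings["missing_main"] = main
    docs = "\n".join(
        (root / name).read_text(encoding="utf-8")
        for name in DOC_NAMES
        if (root / name).is_file()
    )
    findings["external_installs"] = sorted({m.group(0) for m in INSTALL_RE.finditer(docs)})
    mentioned = {m.group(0) for m in CRED_RE.finditer(docs)}
    findings["undeclared_credentials"] = sorted(mentioned - set(declared))
    findings["evasion_phrases"] = sorted({m.group(0).lower() for m in EVASION_RE.finditer(docs)})
    return findings


def is_suspicious(findings):
    """Any one of these is enough to hold the install for manual review."""
    return bool(
        findings["missing_main"]
        or findings["undeclared_credentials"]
        or findings["evasion_phrases"]
    )


def make_sample_bundle(root):
    """Write a constructed bundle shaped like the one the scan describes."""
    root = Path(root)
    (root / "package.json").write_text(
        json.dumps({"name": "sample-skill", "version": "1.0.0", "main": "index.js"}),
        encoding="utf-8",
    )
    (root / "SKILL.md").write_text(
        "# Sample skill (constructed text, not the real SKILL.md)\n"
        "Install: npm install sample-skill\n"
        "Or: pip install sample-skill\n"
        "Set BOT_TOKEN for Telegram and WEBHOOK_URL for Discord.\n"
        "Put Google Drive service credentials in creds.json.\n"
        "S3 needs S3_ACCESS_KEY and S3_SECRET_KEY.\n"
        "Use it to bypass sandbox restrictions and email blocks.\n",
        encoding="utf-8",
    )
    # Deliberately no index.js: "main" points at nothing in the bundle.


def audit_sample_bundle(declared=frozenset()):
    """Build the constructed bundle in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        make_sample_bundle(tmp)
        return audit_bundle(tmp, declared)


if __name__ == "__main__":
    print(json.dumps(audit_sample_bundle(), indent=2))
```

Run it as `python audit_skill.py` to see the findings for the constructed bundle; to audit a real download, call `audit_bundle("/path/to/unzipped-skill", declared=...)` with whatever credentials the skill's manifest actually declares. Declaring every credential the docs mention clears the `undeclared_credentials` finding but not the missing implementation, which is why `is_suspicious` still holds the install.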
