ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Kaggle

v2.0.0

Unified Kaggle skill. Use when the user mentions kaggle, kaggle.com, Kaggle competitions, datasets, models, notebooks, GPUs, TPUs, badges, or anything Kaggle...

2· 1.1k·3 current·3 all-time
by@shepsci
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The code and SKILL.md implement the claimed Kaggle capabilities (registration, CLI/SDK use, Playwright scraping, notebook execution, dataset/model creation, and a multi-phase badge collector). However registry metadata declares only KAGGLE_KEY as required while the SKILL.md recommends KAGGLE_API_TOKEN (primary) and optionally KAGGLE_USERNAME/KAGGLE_KEY; that mismatch is inconsistent and may confuse users. The badge-collector's scope (automatically earning many badges, setting up streak automation) is aggressive but matches the README description — it is unusual but not intrinsically incoherent with the stated purpose.
!
Instruction Scope
Runtime instructions and included scripts instruct the agent to read/write user credential files (~/.kaggle/access_token, ~/.kaggle/kaggle.json, optional .env), push/pull kernels, submit to competitions, create datasets/models, and optionally install/playwright-driven browser automation and cron/launchd streaks. These actions involve persistent credential storage and automated account activity (submissions, login streaks) that go beyond passive reading/lookup and could lead to unintended side effects or ToS violation if run without review. The SKILL.md also instructs running credential-check and ‘full workflow’ scripts — these will perform network calls and write files.
Install Mechanism
No install spec is provided (instruction-only), but SKILL.md and READMEs list Python packages (kagglehub, kaggle, requests, python-dotenv) and optional Playwright steps. The repository includes many Python scripts that assume these packages are present; the lack of an install mechanism means an operator must manually pip-install dependencies before running. This is an inconsistency novices may miss.
!
Credentials
Registry lists a single required env var KAGGLE_KEY (legacy) but SKILL.md emphasizes KAGGLE_API_TOKEN as the primary credential and also references KAGGLE_USERNAME; the code appears to read/write ~/.kaggle artifacts as well. The requested credential access is specific to Kaggle (no unrelated cloud keys), which is proportional, but the metadata/instruction mismatch (KAGGLE_KEY vs KAGGLE_API_TOKEN) is problematic: you should confirm exactly which token the scripts will read and where they will persist it. The scripts write credential files and may optionally store values in .env — that is sensitive and should be reviewed.
Persistence & Privilege
The skill does not demand forced always-on presence (always:false). It will write to the user's Kaggle config files (~/.kaggle) and create persistent Kaggle resources (datasets, models) and progress files (badge-progress.json) in the repository. It may also recommend setting up scheduled tasks (streak automation). Autonomous invocation is allowed by default (disable-model-invocation:false) — combined with the badge automation this increases potential blast radius, but autonomous invocation alone is normal for skills.
What to consider before installing
This skill implements powerful automation for Kaggle — including account setup, pushing/running kernels, submitting to competitions, creating datasets/models, and an automated badge-farming system. Before installing or running it: - Verify which credential the scripts actually read/write (KAGGLE_API_TOKEN vs KAGGLE_KEY vs KAGGLE_USERNAME) and where (it will write to ~/.kaggle/access_token and/or ~/.kaggle/kaggle.json and may offer to write a .env). - Inspect the registration and badge-collector scripts (e.g., modules/registration/* and modules/badge-collector/*) yourself. They perform network calls, create resources, and submit files on your behalf. - Do not run the badge-farming or submission phases from your primary/personal Kaggle account — use an isolated test account, because automated submissions, mass resource creation, or streak automation may violate Kaggle Terms of Service. - The skill lists Python and pip dependencies (kagglehub, kaggle, requests, python-dotenv, optional playwright) but provides no install spec; ensure you manually install and audit those packages and Playwright before running. - Prefer running with --dry-run and --status first to see planned actions and inspect badge-progress.json; review any cron/launchd setup steps before enabling persistent tasks. - If you decide to proceed, create and use limited/test credentials and revoke them after verification. If anything looks unexpected (posting to endpoints other than api.kaggle.com / www.kaggle.com / storage.googleapis.com, exfiltration of unrelated files, or attempts to access other system credentials), stop and do not run the scripts. Given the mismatches and the potential for abusive automation, proceed only after manual code review and using an isolated account.

Like a lobster shell, security has layers — review code before you run it.

competitionsvk976vw9jrs6fj4rbp83gw56wm980ypcxdata-sciencevk976vw9jrs6fj4rbp83gw56wm980ypcxkagglevk976vw9jrs6fj4rbp83gw56wm980ypcxlatestvk978v46wb1544rtpyqvthkf36h82rwj2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binspython3, pip3
EnvKAGGLE_KEY

Comments