Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Blacksnow
v0.1.0
Detects pre-news ambient risk signals across human, legal, and operational systems and converts them into machine-readable, tradable risk primitives.
⭐ 0 · 1.5k · 0 current · 0 all-time
by Sieer Shafi Lone (@sieershafilone)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
Name/description match the included scripts (harvester, pipeline, webhook, memory). However, the SKILL.md declares no required credentials or config paths while the codebase implies network I/O, data storage, and potential external integrations (monetization, streaming). The monetization and integration claims (real-time streaming, tradebot/hedgecore integration) suggest external API keys and credentials which are not declared — an incoherence that reduces transparency.
Instruction Scope
SKILL.md gives high-level agent roles but not bounded runtime instructions. Phrases like 'collects obscure, legally accessible data exhaust from approved domains' grant the agent broad latitude about what to fetch and from where. The skill claims to forbid private or paywalled sources, but there is no concrete enforcement mechanism described. Presence of memory.py and webhook.py suggests the runtime could persist or exfiltrate data or open network endpoints; those operations are not scoped or constrained in the instructions.
Install Mechanism
No install spec is provided — the skill is instruction/code-only and does not download arbitrary binaries during install. That lowers installation risk. All code is bundled with the skill (scripts/*), so there are no external download URLs in the manifest to flag.
Credentials
The manifest declares no required environment variables or primary credentials, yet the functionality (webhooks, streaming outputs, integrations with trading/monetization endpoints) implies the need for API keys, access tokens, or destination URLs. The lack of declared env requirements is disproportionate and reduces the user's ability to audit what secrets the skill will need or access.
Persistence & Privilege
always is not set and disableModelInvocation is not set (default enabled), so the model could invoke this skill autonomously. That is common for integration skills, but given this skill's potential to collect, store, and forward ambient signals, you should be aware the agent may trigger network I/O and data storage without additional explicit settings. The skill does include a memory component, indicating persistence capability.
What to consider before installing
This skill bundles code that scrapes/harvests, stores memory, and sends webhooks but declares no required credentials or install steps — that's a red flag. Before installing:
1) Review the scripts (harvester*, pipeline.py, memory.py, webhook.py) to confirm what endpoints are contacted, what is persisted, and whether any default URLs or keys are embedded.
2) Verify how the skill enforces its 'forbidden' list (no PII, no paywalled sources) — there is no technical proof in SKILL.md.
3) If you don't want autonomous network activity, set disableModelInvocation: true or otherwise require manual invocation.
4) Require an audit or code review for GDPR/PII handling and confirm where webhook targets will send data.
5) Ask the publisher which environment variables/credentials are actually needed and why they are not declared.
These steps will reduce the risk of unexpected data collection or exfiltration.
Like a lobster shell, security has layers — review code before you run it.
latest: vk97en4461y8ernf7w7ddrt36g980qwbn
