ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Notify

v0.1.0

Cross-platform notification sound and taskbar flash for AI coding agents (Claude Code, OpenClaw, Codex, Kiro, Cursor, etc.). Plays alert sounds and visual no...

0· 121·0 current·0 all-time
byMiluer@miluer-tcq
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill's stated purpose (cross-platform notifications for multiple AI agents) matches the included Linux and macOS scripts and config files. However, the package claims Windows support but the manifest does not include a Windows/PowerShell script (README references notify-windows.ps1 but it is missing). That is an inconsistency: either Windows support is incomplete or files were omitted.
Instruction Scope
SKILL.md explicitly instructs the agent to detect OS, locate or create agent config directories (e.g., ~/.claude, ~/.openclaw, etc.), search for the skill directory, and install/copy notification scripts and update hook settings. Those file-system reads/writes and search commands are expected for this integration, but they do mean the skill will read and write user agent config under the home directory and run shell commands (find, uname, jq/python3 when present). There is no instruction to exfiltrate data or contact remote endpoints.
Install Mechanism
No install spec that downloads remote archives is included; the package is instruction-only with bundled scripts and config files. That is a low-risk install mechanism compared with remote downloads. Scripts rely on common local utilities (notify-send, afplay, paplay/aplay) but do not fetch code from external URLs.
Credentials
The skill requests no environment variables, no secrets, and no system-wide credentials. It only requires access to user home config directories to read/write notify-config.json and settings.json, which is proportionate for an agent integration.
Persistence & Privilege
The skill does not request always:true and does not claim elevated privileges. It will create or modify per-user agent config directories (e.g., ~/.claude) and write a notify-config.json; this is normal for a local agent integration but is persistent in the user's home directory and will require filesystem write permissions.
What to consider before installing
This skill appears to do what it says for macOS and Linux, but the package claims Windows support while the Windows script is missing—expect to fix or supply that if you need Windows. Installing will require the skill (or you) to create/modify per-user agent config directories like ~/.claude and write notify-config.json; review the provided scripts (scripts/notify-linux.sh and scripts/notify-macos.sh) before running them and back up any agent settings files (settings.json). Ensure required local utilities are available (notify-send, paplay/aplay on Linux; afplay/osascript on macOS). If you use a shared or managed machine, get explicit permission before allowing the skill to write to your home/config directories. If you want a higher-assurance verdict, provide the full SKILL.md (it was truncated in the package listing) and confirm whether a Windows script should be present.

Like a lobster shell, security has layers — review code before you run it.

latestvk977sjj171h427w1f3tjb0kv5s834aa3

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments