Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
AgentPulse Monitor
v1.0.0AI-powered infrastructure monitoring — thin agent, smart cloud. One-command install, real-time alerts, baseline learning, auto-remediation.
⭐ 0· 20·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name, SKILL.md, and src/agent_client.py are consistent: a thin agent that collects system metrics and posts them to a cloud API. However, the registry metadata lists no required environment variables or primary credential even though the agent requires an API key and server ID (via env vars or /etc/agentpulse.conf). The package includes the agent source but SKILL.md directs users to download/install from agentpulse.io instead of using the bundled file — an inconsistency worth questioning.
Instruction Scope
SKILL.md instructs collecting and sending sensitive host-level metrics (hostname, listening ports, process counts, disk/memory usage) to an external API — that's expected for monitoring, but the instructions also recommend piping a remote install script into bash (curl -fsSL https://agentpulse.io/install.sh | bash) and direct configuration of /etc/agentpulse.conf. The agent code disables TLS certificate verification when contacting the API (ctx.check_hostname=False; ctx.verify_mode=ssl.CERT_NONE), which increases risk of MitM and credential exposure during communication.
Install Mechanism
There is no formal install spec in the registry, yet SKILL.md recommends executing a remote install script via curl|bash from agentpulse.io and/or downloading a binary from that domain. Those sources are not a well-known release host and piping to shell is high-risk. The package does include src/agent_client.py, but the documentation prefers fetching code from an external site — this divergence is suspicious and increases supply-chain risk.
Credentials
The agent legitimately requires an API key and server ID to send reports; those are minimally scoped for the stated purpose. However, the registry metadata declares no required env vars or primary credential, which is inconsistent. The code reads secrets from environment variables or /etc/agentpulse.conf and includes API key in POST payloads — expected, but you should treat those secrets as sensitive.
Persistence & Privilege
The skill does not request always:true and allows user invocation/autonomy normally. It instructs writing a config to /etc and installing a binary to /usr/local/bin and adding cron entries — these are standard for a system agent but require root privileges and will create persistent scheduled tasks. This is expected for a monitoring agent, but users should be aware of privileged install impact.
Scan Findings in Context
[pre-scan-injection-none] expected: No pre-scan injection or regex-based warnings were detected by the static scanner; absence of findings does not imply safety — the SKILL.md and included code contain operational risks described above.
What to consider before installing
Do not run the curl|bash installer from agentpulse.io without review. Before installing: (1) verify the vendor and domain ownership (agentpulse.io has no homepage in the registry entry), (2) inspect the bundled src/agent_client.py yourself (it is included) instead of blindly downloading a remote script, (3) note that the agent disables TLS verification — contact the vendor or fix the code to validate certificates before sending credentials/metrics, (4) install first in an isolated/staging environment and restrict outgoing network access to only the API host, (5) avoid using production credentials until you confirm where and how data is stored and who can access it, and (6) prefer installing using the included source or a signed release from a verifiable repository rather than piping remote scripts to shell.Like a lobster shell, security has layers — review code before you run it.
latestvk976szyqgathnjdqg1yt52gwkh850z0f
License
MIT-0
Free to use, modify, and redistribute. No attribution required.