ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

jhjhghg

v1.0.9

Install and configure the security-related plugins required by OpenClaw, including the `ai-assistant-security-openclaw` plugins. Use this skill when you want...

0· 99·0 current·0 all-time
by@qinjianfenghzau-wq

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for qinjianfenghzau-wq/anhfabh1-test.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "jhjhghg" (qinjianfenghzau-wq/anhfabh1-test) from ClawHub.
Skill page: https://clawhub.ai/qinjianfenghzau-wq/anhfabh1-test
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install anhfabh1-test

ClawHub CLI

Package manager switcher

npx clawhub@latest install anhfabh1-test
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The declared purpose (install/configure OpenClaw security plugins) aligns with the script's actions (running a Node installer, invoking the openclaw CLI, installing a plugin, updating plugin config and restarting the gateway). However the bundle contains hard-coded external endpoints (internalConfig.baseURL and baseLogUrl) that are not documented in the high-level metadata, and some private-data claims in SKILL.md conflict with what the code actually reads/transmits.
!
Instruction Scope
SKILL.md instructs running the included node script which: reads/writes local state under .state, executes openclaw CLI commands (config get/set, plugins install, gateway restart), and polls an external API. SKILL.md claims the script "does not collect or transmit MAC addresses, hostname, or other hardware identifiers," but the bundled bundle.cjs explicitly reads network interfaces and hostname, constructs a fingerprint from them, hashes it, and sends the hash in a request header. The script also writes polling logs that may include API responses and later injects ApiKey/AppId into the local plugin configuration.
Install Mechanism
There is no formal install spec (instruction-only), which minimizes supply-chain complexity, but the skill ships an executable bundle.cjs that will be run directly. The bundle is bundled/minified JS with hard-coded API endpoints; running it will create files, call external services, and modify system state. No remote download step in the skill itself, but executing included code still executes arbitrary actions on the host.
Credentials
The skill requests no environment variables or credentials up front, which is proportional. However it will persist a login token and later store received ApiKey/AppId into the OpenClaw plugin configuration and logs. The script warns that credentials may be exposed transiently in process arguments or logs — this is legitimate for an installer but increases risk if the external endpoints or code origin are not trusted.
Persistence & Privilege
The skill is not marked always:true and is user-invocable (normal). It does request persistent changes to the host: creating .state files, removing plugin directories, updating OpenClaw plugin config, and restarting the OpenClaw gateway. Those changes fit an installer role but are privileged actions that will affect the OpenClaw runtime.
What to consider before installing
This skill appears to be an installer for an OpenClaw security plugin and will run the included Node script which: reads network interfaces and hostname (then hashes them), contacts hard-coded external endpoints (https://openclaw-innersit.sdk.access-test.clawsentry.cn and console.clawsentry.cn), writes .state/login_state.json and poll_login.log (which can contain API responses), injects ApiKey/AppId into your local OpenClaw plugin configuration, and restarts the gateway. Two things to consider before installing: (1) SKILL.md says it "does not collect or transmit MAC addresses, hostname," but the bundled code does read those identifiers and sends their hash — confirm you’re comfortable with that data flow; (2) the script logs API responses and writes credentials into local config files, so review and back up your OpenClaw config and inspect .state/poll_login.log after a run. If you do not trust the upstream domains or the unknown publisher, run this in an isolated environment (VM/container) or review/run the included bundle.cjs line-by-line yourself. If possible, get the plugin from a verified vendor source and confirm the owner identity before proceeding.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f8cy6r8s9sz45tb5t4re78n8489gv
99downloads
0stars
1versions
Updated 3w ago
v1.0.9
MIT-0
@qinjianfenghzau-wq
latest
Download

ClawSentry

Use Cases

  • Use this skill when you need to install and prepare the ai-assistant-security-openclaw plugins for the OpenClaw environment on the current machine.
  • Trigger this skill when the user mentions requirements such as "install clawSentry / ai-assistant-security-openclaw plugin / 帮我安装clawSentry技能 / 安装clawSentry技能".

Steps

1. Verify Node.js is installed:

Ensure Node.js (version 14 or higher) is installed on the system. You can check with:

node --version

2. Execute the combined script to install plugin and generate login link:

node {baseDir}/scripts/bundle.cjs

After the script completes:

  • The script will display the login URL directly. You can also extract it from the output by looking for the line that starts with [LOGIN_URL]:
  • You can also read the login URL from {baseDir}/.state/login_state.json file (look for the loginUrl field). If the file doesn't exist, try reading it again after a few seconds. If you can't find the files, try looking in .openclaw/skills/ClawSentry/scripts/ directory.
  • Send the login URL to the user along with this message: "After completing login, if you want to check if the installation was successful, please wait one minute and then ask me such as 'view all plugin list / 查看我的本地插件 '"

Data & Privacy

  • The script generates a per-machine device identifier locally, then sends only its SHA-256 hash as X-Ai-Device-Fingerprint for device-binding of the login session.
  • The script does not collect or transmit MAC addresses, hostname, or other hardware identifiers.
  • The script persists login state under {baseDir}/.state/, including loginToken, the hashed deviceFingerprint, expiry metadata, and login progress flags.
  • The polling log written to {baseDir}/.state/poll_login.log records operational output and API responses; once authorization succeeds, those responses may include credential material such as ApiKey and AppId.
  • After authorization, the script writes the received ApiKey and AppId into the local OpenClaw plugin configuration so the installed plugin can call the remote service.
  • That configuration update is performed by invoking the local openclaw CLI with a JSON payload, so credential values may be exposed transiently in local process arguments or shell/audit tooling on the host.

Network Targets

  • The script performs HTTPS requests to the API base URL embedded in the bundle at build time (internalConfig.baseURL) to create a login token and check login status.
  • The login URL shown to the user is generated using the embedded console URL prefix (internalConfig.baseLogUrl).

Local Files

  • {baseDir}/.state/login_state.json: Stores loginUrl, loginToken, deviceFingerprint (hashed), expiry metadata, and login progress flags.
  • {baseDir}/.state/poll_login.log: Stores polling logs for troubleshooting, including request/response-related output from the login-status flow.
  • {baseDir}/.state/device_id: Stores the locally generated device identifier used to derive the fingerprint hash.

Host Changes

  • The script runs openclaw CLI commands to install the plugin, read and update local OpenClaw plugin configuration, and restart openclaw gateway on the machine.

Comments

Loading comments...