Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Background Download

v1.0.0

Asynchronous background download with retry, status tracking via Ontology, notifications to original channel. Supports resume on broken connections.


Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for hansponddg/background-download.

Install the skill "Background Download" (hansponddg/background-download) from ClawHub.
Skill page: https://clawhub.ai/hansponddg/background-download
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install background-download

ClawHub CLI


npx clawhub@latest install background-download

Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)

Purpose & Capability
Name/description (background, resume, retry, ontology tracking, notifications) align with the code and SKILL.md. Requiring an ontology skill and a message/CLI for notifications is expected for the described behavior. The need for curl/wget is justified.
Instruction Scope
The SKILL.md and code instruct the agent to create and update DownloadTask entities and to send notifications to the original channel — all consistent. However, the runtime instructions and code execute many shell commands (calling an ontology script, performing curl, invoking 'openclaw message send') and interpolate user-supplied strings into shell commands without escaping. The code also double-forks to create detached background processes. These behaviors expand the runtime scope considerably and introduce injection and operational risks that are not called out in the SKILL.md.
Install Mechanism
No install spec; the skill is instruction-plus-code only. Nothing is downloaded from external URLs during install. This is low install risk, but the code will execute commands at runtime.
Credentials
The skill declares no env vars, which is consistent. But it assumes a specific local path for the ontology script (~/.openclaw/.../ontology/scripts/ontology.py) and uses the 'openclaw' CLI; these implicit dependencies and path assumptions grant it access to local agent memory and messaging. Notifications include URLs and paths which could leak sensitive info to channels. The skill accepts arbitrary URL/path/channel inputs which are directly interpolated into shell commands — disproportionate risk relative to a simple downloader unless inputs are strictly validated/escaped.
Persistence & Privilege
The skill forks detached background processes to perform downloads and relies on scheduled cleanup/archiving. It does not request 'always: true' or modify other skill configs, but the background process model means the skill will run independently of the parent session. This is expected for background downloads but increases the blast radius if the code is abused (e.g., to download arbitrary content or perform repeated network calls).
What to consider before installing
This skill appears to do what it claims (background downloads tracked in Ontology and notifications), but its implementation is risky rather than malicious. Key concerns to check before installing:

  • The code builds shell commands (ontology invocation, curl, openclaw message) by concatenating user-provided strings without escaping — this is vulnerable to shell injection. Review and/or patch the code to use argument lists or proper escaping (e.g., shlex.quote) and avoid shell=True.
  • The script assumes a hard-coded ontology script path under ~/.openclaw/...; confirm that this path is correct and that the referenced ontology CLI is trusted and safe.
  • Notifications include URL and file path information — decide whether that could leak sensitive URLs or filesystem locations to channels.
  • Background processes persist outside the agent session; run this skill in a restricted environment or with limited filesystem/network permissions if possible.
  • If you plan to let other skills call start_download programmatically, ensure callers cannot pass malicious values for 'url', 'path', or 'channel'.

If you cannot audit and harden the code (escape shell args, validate inputs, or call the ontology/openclaw APIs safely), treat this skill as unsafe to enable in production.
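
One way to apply the hardening the scan recommends, shown as an added example (not the skill's own code): validate `url`, `path` and `channel`, then hand curl an argument list instead of a shell string. The function names, the base-directory restriction and the channel regex are assumptions made for illustration; the curl options are standard ones.

```python
import re
import subprocess
from pathlib import Path
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
# Assumption: channels look like channel_type:channel_id:user_id (per the README).
CHANNEL_RE = re.compile(r"[a-z0-9_]+:[a-z0-9_]+:[A-Za-z0-9_-]+")


def validate_url(url: str) -> str:
    """Accept only http(s) URLs with a host and no whitespace/control characters."""
    if any(ch.isspace() or ord(ch) < 0x20 for ch in url):
        raise ValueError("url contains whitespace or control characters")
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES or not parts.hostname:
        raise ValueError("url must be http(s) with a host")
    return url


def validate_path(path: str, base_dir: str) -> str:
    """Resolve the path and require that it stays inside base_dir."""
    base = Path(base_dir).resolve()
    target = (base / path).resolve()
    if base not in target.parents:
        raise ValueError("path escapes the download directory")
    return str(target)


def validate_channel(channel: str) -> str:
    """Reject channel identifiers that do not match the assumed three-part shape."""
    if not CHANNEL_RE.fullmatch(channel):
        raise ValueError("unexpected channel format")
    return channel


def build_curl_argv(url: str, path: str, base_dir: str) -> list:
    """Return an argv list; each value is exactly one argument, never shell-parsed."""
    return ["curl", "--fail", "--location", "--continue-at", "-",
            "--proto", "=http,https", "--proto-redir", "=http,https",
            "--output", validate_path(path, base_dir),
            "--url", validate_url(url)]


def run_download(argv: list) -> int:
    # No shell=True: the list goes straight to exec, so metacharacters are inert.
    return subprocess.run(argv, check=False).returncode
```

A URL such as `https://example.com/f.zip;id` (constructed) reaches curl as a single argument, and `--proto-redir` keeps a redirect from switching to another protocol.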

Like a lobster shell, security has layers — review code before you run it.

latest: vk979n6mawbcs03fd8dtyrbk8xd8458px
90 downloads
0 stars
1 version
Updated 3w ago
v1.0.0
MIT-0

Background Download Skill

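Background asynchronous download skill:

  • Non-blocking download that does not occupy the main session
  • Supports resuming interrupted transfers, with automatic retry
  • Tracks status through Ontology
  • Sends the result as a notification to the channel that made the request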

Asynchronous background file download with:

  • Non-blocking: returns immediately to user, downloads in background
  • Resumable: uses the built-in continue option of curl (-C -) or wget (-c)
  • Retry: configurable max retries (default 3)
  • Status tracking: all tasks stored in Ontology knowledge graph
  • Notification: sends completion/failure notification to original channel
  • Housekeeping: heartbeat cleans up zombie tasks, archives old completed tasks

Commands

start - Start a new background download

python3 scripts/download.py start --title "Title" --url "https://example.com/file.zip" --path "/path/to/save/file.zip" --channel "feishu:direct:user_id" [--max-retries 3]

status - Check download status by task id

python3 scripts/download.py status --id down_xxxxxxx

list - List all download tasks filtered by status

python3 scripts/download.py list [--status pending|downloading|completed|failed|archived]

archive - Archive old completed tasks

python3 scripts/download.py archive --days 7

cleanup-zombies - Mark stale downloading tasks as failed

python3 scripts/download.py cleanup-zombies --hours 2

Architecture

User requests download
  ↓
Create DownloadTask in Ontology (status=pending)
  ↓
Fork background download process, exit immediately (non-blocking)
  ↓
Background:
  Update status → downloading
  Loop:
    Download with curl -C - (resume)
    If success:
      Update status → completed
      Send notification to original channel
      Done
    If fail:
      retry_count += 1
      If retry_count < max_retries: wait 30s → retry
      Else:
        Update status → failed
        Send failure notification to original channel
        Done

Heartbeat daily:
  cleanup-zombies --hours 2
  archive --days 7

Ontology Schema

See references/schema.json for DownloadTask definition.

Required properties:

  • title: Human-readable download name
  • url: Download URL
  • path: Local path to save file
  • status: pending|downloading|completed|failed|archived
  • retry_count: Current number of retries
  • max_retries: Maximum retries (usually 3)
  • created_by_channel: Original channel identifier (channel_type:channel_id:user_id) for notification

Usage Example

# From another skill
from scripts.download import start_download
start_download(
    title="Obsidian Windows",
    url="https://github.com/obsidianmd/obsidian-releases/releases/download/v1.12.4/Obsidian-1.12.4.exe",
    path="/home/user/files/Obsidian.exe",
    channel="feishu:direct:ou_xxxxxxx",
    max_retries=3
)

Notification

Completion/failure notifications are sent via openclaw message send to the original channel recorded in created_by_channel.

Requirements

  • ontology skill must be installed and initialized
  • curl or wget available on system
