Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Bitwarden Credential

v1.0.0

Store or retrieve credentials in Bitwarden via CLI. Use when asked to save, store, or add a password/API key/OAuth token/secret/credential to Bitwarden. Trig...

by wuu Dao @daowuu
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The name/description (store/retrieve credentials in Bitwarden via CLI) matches the included script and instructions: both call the Bitwarden CLI to create items. However, registry metadata lists no required env vars while the SKILL.md and script require a BW_SESSION token — this mismatch should be corrected.
Instruction Scope
The SKILL.md and script confine actions to unlocking the Bitwarden vault and calling bw create item, which is in-scope. Concerns: (1) the script expects jq but SKILL.md does not list jq as a requirement; (2) the script accepts the secret/password as a command-line argument (exposed via process listing); (3) SKILL.md suggests the user might 'provide' the BW_SESSION in two ways, but does not warn strongly that pasting the BW_SESSION into chat or otherwise transmitting it externally will expose a live session token.
Install Mechanism
There is no install spec (instruction-only), which reduces install-time risk. SKILL.md notes Bitwarden CLI must be installed (brew install bitwarden-cli). It does not mention jq, which the script requires. No remote downloads or archive extraction are present.
Credentials
Requiring BW_SESSION (a session token for an unlocked vault) is proportionate to the purpose, but the registry metadata does not declare this required environment variable or a primary credential. The script's design asks for sensitive inputs in ways that increase exposure risk (BW_SESSION might be copied/pasted into chat or logs; passwords are passed as CLI args).
Persistence & Privilege
The skill is not always-enabled, is user-invocable, and does not request elevated or persistent platform privileges. It does not modify other skills or system-wide config.
What to consider before installing
This skill appears to do what it says (store credentials to your Bitwarden vault) but it has sloppy/insecure details you should fix or consider before using:

- Do not paste BW_SESSION or master passwords into chat. Prefer unlocking bw in your terminal and exporting BW_SESSION in that shell session rather than sending the token to the agent or pasting it into messages. Confirm the platform will not log or transmit your environment values.
- The script requires jq (used to build JSON) but SKILL.md does not list jq; install jq or update the documentation to include it.
- The script takes the secret/password as a command-line argument, which can be visible to other users via ps and may be captured in shell history. Prefer a safer interface: read the password from stdin, prompt interactively, or accept it via a secure environment variable rather than as a positional arg.
- The registry metadata should be updated to declare BW_SESSION (or equivalent) as a required environment variable so the platform and users know the skill needs it.
- If you plan to use this skill, test with dummy credentials first and consider modifying the script to avoid CLI-arg secrets and to explicitly check for jq. If you are not comfortable making those changes, do not provide real session tokens or secrets to the skill.

Like a lobster shell, security has layers — review code before you run it.
