Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

claw-code

v1.0.0

TypeScript runtime port of Claude Code's AI agent harness for running commands, routing prompts, managing sessions, and auditing tool/command registries.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto · Requires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
The code and SKILL.md match the description: a TypeScript CLI/runtime for an agent harness with command/tool registries, query engine, session store, and parity/audit stubs. Minor mismatch: SKILL.md expects you to run 'node dist/main.js' but the skill metadata lists no required binaries — 'node' is implicitly required but not declared.
Instruction Scope
Runtime instructions are explicit CLI commands that operate on the included compiled code (dist/*.js). The SKILL.md tells the user to cd into a user-specific path (C:\Users\dae\.openclaw\...) and run node; it also instructs reviewing source files. The visible modules are mainly stubs/mirrors and do not access external endpoints in the shown files, but some modules that were truncated (notably remote_runtime.js and session_store.js) could perform filesystem I/O or networking — these should be inspected before execution.
Install Mechanism
No install spec is provided (instruction-only with bundled code). Nothing is being downloaded at install time; all code is present in the skill bundle, which reduces install-time risk. The skill will require a Node runtime to execute its dist/*.js files but does not declare it.
Credentials
The skill declares no required environment variables or credentials and the visible code does not reference secrets or external API keys. That is proportionate for a local CLI-style harness. Note: session persistence and keychain-prefetch functions are present as stubs; verify session_store.js and any 'keychain' related code to confirm they are indeed no-ops and not reading secrets.
Persistence & Privilege
The skill can persist and load sessions (saveSession/loadSession are imported). This is expected for an agent harness; the skill is not set to always:true. Confirm where sessions are written (paths) before running if you care about local disk writes. Autonomous invocation (disable-model-invocation=false) is normal and not by itself a risk.
Assessment
This skill appears to be what it claims (a TypeScript/Node CLI port of an agent harness) and requests no secrets, but take these precautions before running it:
- Ensure you have Node installed; SKILL.md assumes 'node' though the metadata didn't list it.
- Inspect session_store.js and remote_runtime.js (both present in the bundle but truncated in the listing). They are the most likely places for filesystem or network access. Confirm they only read/write local files under the skill workspace and don't attempt to exfiltrate data or open network connections you don't want.
- Because the Quick Start uses a user-specific Windows path (C:\Users\dae\...), adjust to your environment and run from a sandbox or non-critical environment first.
- If you want stronger assurance, run node dist/main.js with harmless commands like 'summary' or 'command-graph' and observe behavior (and what files get created) before using any 'exec-tool', 'remote-mode', or 'ssh-mode' commands.
- If you do not trust the unknown owner or need stricter isolation, run the skill inside a VM or container or decline installation.

Like a lobster shell, security has layers — review code before you run it.
