Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

clawgo-clone

v1.0.1

Download a zip from clawgo.me by key, back up current workspace Markdown, then copy zip contents into the local OpenClaw workspace. Use when the user gives a...

Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description match the instructions: the skill downloads a zip from clawgo.me, backs up ~/.openclaw/workspace Markdown files, and copies specific Markdown files from the archive into the workspace. No unrelated credentials, binaries, or config paths are requested.
! Instruction Scope
Instructions perform exactly the claimed actions but omit safe-extraction and integrity checks. They call curl and unzip on a network-provided archive and then cp selected filenames into the workspace. Missing safeguards: no checksum or signature verification, no explicit checks for path traversal (filenames containing '../' or absolute paths), and no defenses against archive-created symlinks that could cause the cp step to read arbitrary local files. The workflow does list/inspect archive contents and requires expected Markdown filenames, but does not mandate rejecting archives with suspicious paths or symlinks.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is written to disk by an installer. Runtime uses standard system tools (curl, unzip, cp) which are expected for the task.
Credentials
No environment variables, credentials, or config paths are requested. The externally fetched zip is the only external dependency (clawgo.me). This is proportionate to the stated purpose.
Persistence & Privilege
The skill is not always-enabled and does not request persistent system privileges or modify other skills. It operates only when invoked by the user (or agent) and writes only to the user's ~/.openclaw/workspace and /tmp for backups; this matches its purpose.
What to consider before installing
This skill does what it says, but take precautions before running it: only use it if you trust clawgo.me and the key's source. Before copying files into your workspace, inspect the zip listing for any path components (../) or absolute paths and for symlinks. Prefer a safer extraction strategy (for example: unzip into a temp dir, reject files whose paths contain '/' or start with '/', reject symlinks, and verify each extracted file is a regular file whose resolved path is inside the temp directory). Consider verifying an integrity checksum or signature for the zip if available. Keep the created backup directory so you can roll back. If you want, modify the script to explicitly reject symlinks (e.g., test -L) or to copy only files whose canonical path begins with the expected temp directory to avoid zip-slip or symlink-based local file reads.

Like a lobster shell, security has layers — review code before you run it.

latestvk971v6w7m3nrwy7y156srm3g7183ga00
145 downloads
1 star
2 versions
Updated 3w ago
v1.0.1
MIT-0

ClawGo workspace sync skill

Download a zip from clawgo.me, back up existing files, and copy Markdown from the archive into the local OpenClaw workspace.

Service limits

  • Base URL: https://clawgo.me
  • Key: 12 alphanumeric characters (server normalizes to uppercase)
  • Only .zip payloads; require status: ready before download
  • Target folder: ~/.openclaw/workspace/

Workflow

Step 1 — Check key readiness

curl -s https://clawgo.me/api/clones/{key}/availability

  • available: true and status: ready → continue
  • status: pending → stop with error: "No zip uploaded for this key yet"
  • Missing key (404) → stop with error: "Key not found"

Step 2 — Download zip to a temp path

curl -s -L -o /tmp/clone-{key}.zip \
  https://clawgo.me/api/clones/{key}/download

Verify: file size must be greater than zero.

Step 3 — Extract and inspect

mkdir -p /tmp/clone-{key}
unzip -o /tmp/clone-{key}.zip -d /tmp/clone-{key}/

Run these safety checks after extraction. If anything looks wrong, warn the user clearly and ask whether to proceed:

  • List archive contents
  • Require at least one of: SOUL.md, AGENTS.md, TOOLS.md
  • If empty or none of the expected Markdown files → stop with error

Step 4 — Back up current workspace files

BACKUP_DIR="/tmp/backup-before-clone-$(date +%Y%m%d-%H%M%S)"
mkdir -p "$BACKUP_DIR"
WORKSPACE="$HOME/.openclaw/workspace"

for f in SOUL.md AGENTS.md TOOLS.md IDENTITY.md USER.md HEARTBEAT.md; do
    [ -f "$WORKSPACE/$f" ] && cp "$WORKSPACE/$f" "$BACKUP_DIR/$f"
done

Tell the user the backup path so they can roll back manually if needed.

Step 5 — Write archive files into the workspace

WORKSPACE="$HOME/.openclaw/workspace"
SRC="/tmp/clone-{key}"

for f in SOUL.md AGENTS.md TOOLS.md IDENTITY.md USER.md HEARTBEAT.md; do
    [ -f "$SRC/$f" ] && cp "$SRC/$f" "$WORKSPACE/$f"
done

Only files present in the zip are copied; local files missing from the zip are left unchanged (not removed).

Step 6 — Report results

Tell the user:

  • Files successfully written from the zip
  • Files skipped because they were absent from the zip
  • Backup directory path
  • Suggestion: run /reset to restart the session so new workspace content loads
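
Added example (not part of the skill or of the ClawHub report): one way to apply the checks the scan recommends to Steps 3 and 5, by validating the archive listing before extraction and refusing symlinks at copy time. The function names check_listing, safe_copy and clone_zip are hypothetical; the sketch assumes Info-ZIP unzip (for the -Z1 listing mode) and mktemp.

```shell
# Added example: hardened variant of Steps 3 and 5 (hypothetical helper names).
EXPECTED="SOUL.md AGENTS.md TOOLS.md IDENTITY.md USER.md HEARTBEAT.md"

# Read an archive listing on stdin, one entry per line (e.g. `unzip -Z1 f.zip`).
# Returns 1 on any entry with a directory component, backslash, "." or "..";
# returns 2 if none of SOUL.md / AGENTS.md / TOOLS.md is listed.
check_listing() {
    local name found=0
    while IFS= read -r name; do
        case "$name" in
            */*|*\\*|.|..) echo "rejected entry: $name" >&2; return 1 ;;
            SOUL.md|AGENTS.md|TOOLS.md) found=1 ;;
        esac
    done
    [ "$found" -eq 1 ] || return 2
}

# Copy only expected names that are regular, non-symlink files directly in $1
# into the workspace $2. Prints each name copied; symlinks are never followed.
safe_copy() {
    local src="$1" dest="$2" f
    for f in $EXPECTED; do
        if [ -L "$src/$f" ]; then
            echo "refusing symlink: $f" >&2
        elif [ -f "$src/$f" ]; then
            cp -- "$src/$f" "$dest/$f" && echo "$f"
        fi
    done
}

# Usage: clone_zip /tmp/clone-KEY.zip "$HOME/.openclaw/workspace"
# Run the Step 4 backup first; nothing is extracted if the listing is rejected.
clone_zip() {
    local zip="$1" workspace="$2" tmp
    unzip -Z1 "$zip" | check_listing || return 1
    tmp=$(mktemp -d) || return 1            # fresh, private extraction dir
    unzip -q "$zip" -d "$tmp" && safe_copy "$tmp" "$workspace"
    local rc=$?
    rm -rf "$tmp"
    return $rc
}
```

Because only flat, fixed filenames are accepted, the symlink test on the file itself is enough here; an archive with nested paths would also need a canonical-path check against the extraction directory.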

Workspace file reference

File | Role
SOUL.md | Primary identity, reasoning style, behavioral guardrails
AGENTS.md | Session bootstrap, tool policy, hard limits
TOOLS.md | Local tooling notes and proxy routing
IDENTITY.md | Display name, role, emoji metadata
USER.md | User profile and session context
HEARTBEAT.md | Scheduled task notes

Errors

Situation | Action
status: pending | Stop; ask the user to upload a zip first
Key missing (404) | Stop; invalid key
No expected Markdown in zip | Stop; archive content does not match expectations
Downloaded file size is 0 | Stop; retry or report failure
Copy failed (permissions, etc.) | Report error; backup remains available
