ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Confluence CLI (confcli)

v0.2.5

Interact with Confluence Cloud from the command line. Use when reading, creating, updating, or searching Confluence pages, managing attachments, labels, comments, or exporting content.

0· 969·2 current·2 all-time
by@hochej
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The documented commands and capabilities (reading, creating, updating pages, attachments, labels, comments, exports) align with a Confluence CLI. Nothing in the instructions suggests functionality outside that purpose.
!
Instruction Scope
The runtime instructions direct the user/agent to run a remote install script (curl -fsSL https://raw.githubusercontent.com/hochej/confcli/main/install.sh | sh). The doc also references environment variables (CONFLUENCE_DOMAIN, CONFLUENCE_EMAIL, CONFLUENCE_TOKEN) and interactive operations. The instructions explicitly say not to ask users to paste tokens (good), but they do permit the agent or user to run potentially-destructive write commands — which the doc attempts to constrain by requiring explicit user intent. Overall the install instruction and env var use are scope concerns.
!
Install Mechanism
There is no declared install spec in the registry, but SKILL.md recommends piping a raw GitHub-hosted install script into sh. raw.githubusercontent.com is a common host for releases, but piping a remote script to sh is a high-risk pattern because it executes remote code without local inspection.
!
Credentials
The skill metadata declares no required environment variables or primary credential, yet SKILL.md expects CONFLUENCE_DOMAIN, CONFLUENCE_EMAIL, and CONFLUENCE_TOKEN / CONFLUENCE_API_TOKEN for authentication. Those variables are appropriate for a Confluence CLI, but their absence from the metadata is an inconsistency and a transparency issue.
Persistence & Privilege
The skill does not request permanent presence (always:false) and does not declare modifications to other skills or system-wide settings. Agent autonomous invocation is allowed by default, which is normal — there are no additional persistence/privilege requests in the manifest.
What to consider before installing
This skill appears to be a legitimate Confluence CLI, but two issues need your attention before installing: (1) SKILL.md expects CONFLUENCE_DOMAIN, CONFLUENCE_EMAIL, and CONFLUENCE_TOKEN environment variables but the skill metadata doesn't declare them — verify and provide credentials only via environment variables or interactive login as recommended; (2) the doc recommends running a remote install script by piping raw.githubusercontent.com content into sh — avoid blind curl|sh if you can. Instead: review the install script on the repository, download it and inspect it locally before executing, or install the CLI via a package manager or a verified release. If you plan to let an agent invoke this skill autonomously, do not give it your API token unless you trust the skill and have inspected the installer and behavior. Ask the skill author (or the registry) to update metadata to list the required env vars and to provide a vetted install mechanism or release URL.

Like a lobster shell, security has layers — review code before you run it.

latestvk9720sbx6wjytsha13qsz3ka0580sbmf

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments