Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Devops Deploy

v1.0.0

Deploy applications and set up infrastructure. Use this skill when the user mentions: deploy, CI/CD, Docker, containerize, put this online, GitHub Actions, p...

0· 5·0 current·0 all-time
by Emerson Braun (@emersonbraun)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto: Can make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name and description (deploy apps, CI/CD, Docker, hosting) align with the SKILL.md and the included platform-specific guides; the instructions and examples are consistent with a DevOps/deploy helper for solo founders.
Instruction Scope (flagged)
The instructions include commands that perform sensitive operations (pg_dump, aws s3 cp, psql restores), install CLIs (npm i -g, curl | sh install scripts), and reference many secrets (DATABASE_URL, JWT_SECRET, STRIPE_SECRET_KEY, and implicitly AWS credentials). The skill neither declares nor constrains those secrets, and its blunt "run this" install patterns (curl | sh) increase risk if executed without review.
Install Mechanism (flagged)
There is no formal install spec, but the guide instructs installing CLIs via npm -g and a remote install script (curl -L https://fly.io/install.sh | sh). Download-and-execute patterns are high risk unless provenance and checksums are verified; the skill gives no guidance on validating those installs.
Credentials (flagged)
The skill declares no required environment variables or credentials, yet the documentation repeatedly references many secrets and provider credentials (DATABASE_URL, AWS usage for backups, STRIPE keys, platform logins). That mismatch means the skill could lead users to run sensitive operations without ever documenting the credentials or permissions they need.
Persistence & Privilege
The skill is instruction-only: it has no install script or always:true flag, does not request persistent presence, and does not modify other skills or config. Autonomous invocation is the default, but it is not combined with other privilege escalations here.
What to consider before installing
This appears to be a legitimate deployment guide, but it contains several things to be careful about:

- The guide references many secrets (DATABASE_URL, JWT_SECRET, STRIPE keys, and implicit AWS credentials) but the skill does not declare or manage them. Be sure you understand which credentials are required, and never paste secrets into chat or commit them to git; use platform environment settings or a secrets manager.
- The references instruct installing CLIs with npm -g and piping remote scripts (curl | sh). Do not run remote install scripts without verifying the source and checksum; prefer package-manager installs from trusted sources, or manually review the script before running it.
- Backup and restore examples use pg_dump and aws s3 cp. Those commands move sensitive data; confirm the target S3 buckets, IAM permissions, and encryption policies before running them. Avoid hard-coded bucket names and test restores in a safe environment.
- If you want the agent to act (run commands), require explicit confirmation and provide only the minimal, scoped credentials needed (temporary keys or pre-scoped IAM roles).

Consider asking the skill author to list the required env vars and to provide safer install alternatives or checksums for remote installers. If the maintainer supplies an explicit list of required credentials, secure install instructions (or checksums), and safer alternatives to piping remote scripts, that would reduce the risk and could change this assessment to benign.
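The two flagged findings above (piping a remote installer into sh, and deploy secrets the skill never declares) both come down to a missing preflight step. The POSIX sh below is an added example written for this review; it is not code from the Devops Deploy skill or from ClawHub. The function names, the placeholder install URL and the digest argument are assumptions: a real digest must come from the vendor's release notes or signed manifest, not from the same server that serves the script.

```shell
#!/usr/bin/env sh
# Added example (not part of the skill): replace "curl ... | sh" with
# download -> pinned checksum -> review -> run, and refuse to deploy when
# the secrets the guide relies on are not actually in the environment.
set -u

# Print the SHA-256 hex digest of a file, using whichever tool is installed.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d' ' -f1
  else
    shasum -a 256 "$1" | cut -d' ' -f1
  fi
}

# Return 0 only if FILE's digest equals EXPECTED (hex, case-insensitive).
verify_sha256() {
  file=$1
  expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  actual=$(sha256_of "$file")
  if [ "$actual" = "$expected" ]; then
    return 0
  fi
  echo "checksum mismatch for $file: expected $expected, got $actual" >&2
  return 1
}

# Download URL to a temp file and run it only after the digest matches.
# On mismatch the file is left on disk so it can be inspected, never executed.
install_verified() {
  url=$1
  expected=$2
  tmp=$(mktemp) || return 1
  curl -fsSL --proto '=https' --tlsv1.2 -o "$tmp" "$url" || { rm -f "$tmp"; return 1; }
  if ! verify_sha256 "$tmp" "$expected"; then
    echo "refusing to execute $tmp" >&2
    return 1
  fi
  sh "$tmp"
  rc=$?
  rm -f "$tmp"
  return $rc
}

# Fail fast if any named environment variable is unset or empty, so the
# agent never reaches pg_dump / aws s3 cp / psql with half-configured credentials.
require_env() {
  missing=""
  for name in "$@"; do
    eval "val=\${$name:-}"
    [ -n "$val" ] || missing="$missing $name"
  done
  if [ -n "$missing" ]; then
    echo "missing required env vars:$missing" >&2
    return 1
  fi
  return 0
}

# Usage (the URL and digest below are placeholders, not real fly.io values):
#   install_verified https://fly.io/install.sh <sha256-from-vendor-release-notes>
#   require_env DATABASE_URL JWT_SECRET STRIPE_SECRET_KEY || exit 1
```

Note that require_env only checks presence; it does not tell you whether the AWS credentials behind aws s3 cp are scoped to the backup bucket, which you still have to confirm in IAM before a restore test.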

Like a lobster shell, security has layers — review code before you run it.

latest: vk9761vgecp1acg56c21rty7m3x84cj5q

