Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Edgebric
v0.9.1Search and manage your private knowledge base. Find documents, query knowledge, upload files, and manage data sources in Edgebric.
⭐ 0· 13·0 current·0 all-time
byJeremy Venegas@jerv
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The SKILL.md describes a knowledge-base integration (search, query, upload, manage sources) and the runtime instructions require EDGEBRIC_URL and EDGEBRIC_API_KEY — these are coherent with the stated purpose. However, the registry metadata supplied with the skill lists no required environment variables or primary credential, which is inconsistent with the SKILL.md. That mismatch is an integrity issue: the skill will not work without those env vars, and the registry should have declared them.
Instruction Scope
The instructions are focused on API calls to the Edgebric instance (discover, search, query, create source, upload, delete). They do not instruct reading unrelated system files, calling arbitrary external hosts, or exfiltrating data outside the described API. However, the SKILL.md includes destructive operations (DELETE source/documents) and upload behavior; those require admin or read-write privileges. The instructions do not constrain when to perform destructive actions, so an agent granted autonomous invocation could inadvertently delete data if given an overly powerful key.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so it does not download or install anything on the host. That minimizes install-time risk.
Credentials
The SKILL.md requires EDGEBRIC_URL and EDGEBRIC_API_KEY (an API key starting with 'eb_'), which are exactly what an API client needs — proportionate for the purpose. The registry metadata, however, declares no required env vars or primary credential, creating an inconsistency. Also note: many operations (delete source/document, create source, upload) require elevated scopes; you should provide the least-privileged API key appropriate for the actions you actually want (read-only for queries/search; read-write for uploads; avoid admin keys unless necessary).
Persistence & Privilege
The skill is not always-enabled and does not request persistent system-wide privileges. It is model-invocable by default (normal behavior). There is no evidence the skill modifies other skills or system configuration.
What to consider before installing
This skill's instructions and endpoints match its stated purpose (Edgebric knowledge-base integration), but the package metadata omitted the required environment variables (EDGEBRIC_URL and EDGEBRIC_API_KEY). Before installing or enabling the skill:
- Confirm the host: make sure EDGEBRIC_URL points to a known/trusted Edgebric instance (localhost or your company URL). Do not point it to an unknown public host.
- Use least-privilege keys: create and supply an API key scoped to what you want the skill to do. For read/search use a read-only key; only give read-write/upload permissions when you trust uploads. Avoid admin keys unless you intentionally need delete/create operations.
- Be cautious about destructive actions: the SKILL.md exposes DELETE endpoints. If you allow autonomous invocation, set policies or constraints so the agent cannot delete sources/documents without explicit confirmation.
- Because this is instruction-only (no install), there's no installation risk, but metadata inconsistencies are a sign of low-quality packaging — ask the publisher to update the registry metadata to declare required env vars and primary credential.
If you want stronger safety, test the skill with a sandbox Edgebric instance and a restricted API key first.Like a lobster shell, security has layers — review code before you run it.
latestvk97d2y5fgpgkq1arw3pqj31z9s84b4h4
License
MIT-0
Free to use, modify, and redistribute. No attribution required.