Encryption
v1.0.0Encrypt files, secure passwords, manage keys, and audit code for cryptographic best practices.
⭐ 2· 1.1k·13 current·13 all-time
byIván@ivangdavila
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name and description match the included materials: encryption patterns, mobile Keychain/Keystore, Vault/KMS usage, and audit checklists. The examples legitimately reference tools and services commonly used for encryption (age, gpg, aws KMS, HashiCorp Vault, SQLCipher, psql, kubectl). Nothing in the content appears intended for a different purpose.
Instruction Scope
SKILL.md and included files instruct running commands that access network services, system configuration, and cloud storage (aws s3 cp, vault kv put/get, psql, kubectl, certbot, openssl, nmap, curl). Those operations can read or transmit sensitive data. The skill does not declare or document the credentials or environment configuration required to run those commands, and some examples embed or echo secrets (e.g., building SQL with a shell variable). This grants broad discretion to an agent following the instructions and could lead to unintended data access or transmission if invoked without care.
Install Mechanism
Instruction-only skill with no install spec and no code files; nothing will be written to disk by an installer. This is the lowest-risk installation model.
Credentials
The skill metadata lists no required environment variables or credentials, but the documentation uses AWS CLI, AWS KMS, Vault, Postgres, and kubectl—all of which require credentials or access (AWS keys/roles, Vault token/agent, DB user/password, kube credentials). The lack of declared required secrets is inconsistent with the runtime actions it describes and increases the chance the user will run the examples with improperly scoped credentials or accidentally expose secrets.
Persistence & Privilege
always is false and the skill does not request persistent system presence or modify other skills/configs. Autonomous invocation is allowed (platform default) but is not combined with additional privileged settings.
What to consider before installing
This skill is a collection of encryption patterns and operational scripts that are consistent with its stated purpose, but it instructs actions that require sensitive credentials and access (AWS, Vault, Postgres, Kubernetes, etc.) while declaring none. Before installing or running any examples: 1) Review and run examples in an isolated/test environment (not production). 2) Provide least-privilege credentials (short-lived tokens/roles) for any cloud/Vault/DB access. 3) Avoid copying example commands verbatim that construct or echo secrets into shell history or logs (use parameterized APIs or environment-only injection). 4) Inspect and adapt scripts that perform uploads (aws s3 cp), DB changes (psql ALTER USER), or Vault writes so they do not leak secrets to logs or remote services. 5) If you want to allow autonomous agent invocation, consider the agent's access scope carefully—do not grant broad cloud or kube credentials to an agent that can call these steps automatically.Like a lobster shell, security has layers — review code before you run it.
latestvk97ek8hqktqgf14vy46nt41brs813pj4
License
MIT-0
Free to use, modify, and redistribute. No attribution required.