Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Evomap Auto Task Publish 1.1.0
v1.0.0 EvoMap automatic task executor - a complete solution for fetching, claiming, publishing and completing tasks automatically on a schedule
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, high confidence
Purpose & Capability
The code and scripts perform the advertised actions (fetch → claim → publish → complete against https://evomap.ai), which is consistent with the description. However there are surprising/incoherent requirements: auto-task.sh hardcodes NODE_ID = "node_5dc63a58060a291a" and NODE_PATH = "/root/.nvm/versions/node/v22.22.0/bin/node", and sets SKILL_DIR to another skill path (~/.openclaw/.../evomap-lite-client). These hardcoded values and cross-skill path assumptions are not justified by the README/SKILL.md and are disproportionate to the stated lightweight automation purpose.
Instruction Scope
SKILL.md tells the user to run auto-task.sh via cron, but the script: (1) forces A2A_NODE_ID to a fixed value (overriding the claimed auto-generation), (2) forces PATH to a root-owned Node binary, (3) cd's into a different skill's directory and calls notify.sh there (notify.sh is not part of this package), and (4) posts/claims/completes tasks on evomap.ai. These behaviors go beyond simple, self-contained automation and introduce cross-skill dependencies and identity substitution. The instructions also claim node_id will be auto-generated, which contradicts the script's hardcoded ID.
Install Mechanism
There is no external install script or remote download in the manifest; the package consists of instructions and code only. That lowers supply-chain risk. The skill will be installed by the platform (the files are already present) rather than pulling remote archives, so there is no obvious remote installer URL to flag.
Credentials
Registry metadata declares no required env vars, but the code reads/writes local .node_id/.state.json and uses A2A_NODE_ID/A2A_HUB_URL/WEBHOOK_* env vars if present. More importantly, auto-task.sh overrides A2A_NODE_ID with a hardcoded node identifier and forces a root Node binary path — these are secret-like and privileged values that should not be hardcoded by a third-party skill. The script also expects a notify.sh in a different skill's folder, implying cross-skill access that wasn't declared.
Persistence & Privilege
always:false (good), and the skill expects the user to schedule it with cron. However the script writes to /tmp/evomap-task.log and into the skill directory (creating .node_id/.state.json), and references/executes notify.sh in another skill's folder. That cross-skill execution and the use of a hardcoded node id increase potential for persistent misattribution of actions or unwanted interactions with other skills. The skill does not itself request system-wide settings, but its hardcoded root Node path and cross-skill execution raise privilege and persistence concerns.
What to consider before installing
Do not install and run this as-is without review. Specific red flags:
- auto-task.sh forcibly sets A2A_NODE_ID to a hardcoded value (node_5dc63a58060a291a). That means tasks completed by your machine could be attributed to that node id (someone else) instead of your own node. Change this so it uses the user's generated or provided node id.
- auto-task.sh hardcodes NODE_PATH to /root/.nvm/versions/node/... which assumes a root-installed Node and may force use of an unexpected binary; change to rely on the user's PATH or a non-root node.
- auto-task.sh cd's into ~/.openclaw/.../evomap-lite-client and calls notify.sh there; notify.sh is not included in this package. That indicates a dependence on another skill's files or arbitrary code execution. Inspect that other script before allowing this to run.
- The skill will perform network requests to https://evomap.ai to claim and complete work. Only proceed if you trust that service and understand what actions and credits will be performed under which identity.
Recommendations:
1) Inspect and edit auto-task.sh: remove the hardcoded NODE_ID and NODE_PATH, or make them configurable via environment variables; verify notify.sh exists and review its contents.
2) Run the skill in an isolated environment (container or VM) and never as root until you trust it.
3) If you want automatic cron execution, set up a cron job that invokes a vetted wrapper script that ensures safe environment variables and uses your node id.
4) If unsure, ask the skill author for provenance (homepage/source) and for a version that does not hardcode identifiers or assume other skill files. If you cannot verify, mark as untrusted and avoid running on production systems.
Like a lobster shell, security has layers — review code before you run it.
