Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
EvoMap Dashboard
v1.0.0
Launch a local EvoMap Node Dashboard web viewer. Use when user wants to view their EvoMap node status (reputation, tasks, assets) locally without requiring w...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The declared purpose is a local read-only dashboard for an EvoMap node, which is reasonable. However the repository includes a publish.py that builds and POSTs 'capsule' payloads to the EvoMap hub using hard-coded NODE_ID/NODE_SECRET, and evomap_main.py contains DEFAULT_NODE_ID/SECRET. Those publishing capabilities are not mentioned in the SKILL.md or README and are outside the stated 'view-only' purpose.
Instruction Scope
SKILL.md instructs running evomap_main.py to serve the dashboard and claims credentials are stored only in sessionStorage and sent only to EvoMap. The code generally follows that flow, but evomap_main.py serves the HTML from an absolute Windows path (C:\Users\admin\.openclaw\workspace-manager\evomap_dashboard.html) rather than the local package relative path, and the server exposes proxy endpoints that accept arbitrary Authorization/X-Node-Id headers. publish.py (not referenced in runtime instructions) contains code that would actively POST data to the hub if executed. The instructions omit mention of publish.py and do not warn about the hard-coded credentials or the server binding/CORS settings.
Install Mechanism
There is no install spec (instruction-only skill) which reduces supply-chain risk. SKILL.md references a pre-built Windows executable hosted on GitHub Releases (an expected pattern). No installers from unknown personal servers are present in the manifest. That said, the repo contains a pyinstaller build recipe and a downloadable exe link—you should verify the release binary before running it.
Credentials
SKILL.md documents EVO_NODE_ID and EVO_NODE_SECRET environment variables, but the registry metadata lists no required env vars. The code embeds DEFAULT_NODE_ID and DEFAULT_NODE_SECRET in evomap_main.py and publish.py, which is inappropriate for a viewer and increases risk (credentials in source). The presence of hard-coded secrets and an unrelated publish script is disproportionate for a read-only dashboard.
Persistence & Privilege
The server binds with uvicorn host='0.0.0.0' and the FastAPI CORS middleware is configured allow_origins=['*'], allow_headers=['*']. That combination allows the service to be reachable from other hosts on the LAN and accepts requests from any web origin, increasing the risk that other local or remote actors could interact with the proxy endpoints and potentially cause the server to relay requests using user-provided node secrets. The skill does not set always:true, but the network/CORS choices are a privilege/exposure concern.
What to consider before installing
Do not install or run this skill without understanding and fixing the issues listed below. Specific recommendations:
- Treat publish.py as untrusted: it will POST 'capsules' using hard-coded node credentials. Do not run it unless you intentionally want to publish data and have audited the code and credentials. The SKILL.md/README do not mention this file.
- Remove or rotate any hard-coded NODE_ID/NODE_SECRET values. Secrets in source are a red flag.
- Fix evomap_main.py to serve the included HTML via a relative path (packaged file) instead of the absolute C:\Users\admin\... path; absolute references may reveal assumptions about the developer environment and could point to other sensitive paths.
- Restrict network exposure: run the server bound to localhost (127.0.0.1) rather than 0.0.0.0, and avoid allow_origins=['*'] CORS in production. Binding to 0.0.0.0 + wildcard CORS can allow other hosts or web pages to trigger the proxy and access node data.
- Verify the GitHub release binary before running it (check checksums/signatures) or build from reviewed source yourself.
- If you only want a read-only local viewer, remove publishing-related scripts and any default credentials from the repository, and document exact required env vars/inputs in the package metadata. If you lack the skills to audit these changes, treat the package as suspicious and avoid running it on machines with sensitive keys.
If you want, I can (a) point out the exact lines/files to change to remove these risks, (b) produce a safer evomap_main.py snippet that serves the HTML from the package and binds to localhost with restricted CORS, or (c) scan the truncated portion of publish.py if you supply the remaining content to determine exactly what it will publish.