Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Farmos Land Portfolio
v1.0.0
Query land ownership, leases, landlord info, and land payments. Write operations for payment management and lease renewals.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The declared purpose (query/manage land, payments, lease renewals) legitimately includes read and write operations. However, the skill's instructions expect access to a local auth helper (~/clawd/scripts/farmos-auth.sh) and a role file (~/.openclaw/farmos-users.json) which are not declared in the metadata. Either those local artifacts should be declared as required config/credentials or the instructions are incomplete/opaque.
Instruction Scope
SKILL.md explicitly directs the agent to read a local file (~/.openclaw/farmos-users.json) to validate roles and to run a shell script in the user's home to obtain an admin JWT. Those are file- and execution-level actions outside the metadata's declared scope. The instructions also require using admin-level tokens to perform write operations (mark payments paid, renew leases) — potentially destructive if misused.
Install Mechanism
There is no install spec and no code files, so nothing will be written to disk by an installer. This lowers installation risk. The remaining risk derives from runtime instructions that execute local scripts and call network endpoints.
Credentials
The skill requires JWTs for write actions and prescribes a local script to obtain them, but the registry lists no required environment variables, credentials, or config paths. The skill also instructs the agent to read a local role file — a capability that should be declared and permissioned. The lack of declared credentials/config paths is a proportionality mismatch.
Persistence & Privilege
The skill is not force-included (always:false) and allows user invocation; autonomous invocation is permitted by platform default. Because the skill can obtain admin JWTs and perform writes, you should consider restricting autonomous invocation or requiring explicit user confirmation before any write operation. The skill does not request persistent platform privileges in its metadata.
What to consider before installing
Do not install or enable this skill until you validate a few things:
(1) Confirm the skill's origin and trustworthiness — the repo/source is unknown.
(2) Inspect ~/clawd/scripts/farmos-auth.sh and ~/.openclaw/farmos-users.json yourself to ensure they are legitimate and do not leak secrets or run unsafe commands.
(3) Require the skill to declare the config paths and any credentials it needs in its metadata (e.g., config_paths for the users JSON and an explicit note that it will execute a local auth helper).
(4) Enforce strict access control: only allow admins/managers to invoke the skill and disable autonomous invocation for write operations (or require explicit user confirmation for any POST/write).
(5) Verify the API base (http://100.102.77.110:8009) is an expected internal endpoint; running the skill will cause network calls to that host.
(6) If you must test, run the skill in an isolated/sandboxed environment and audit the commands it executes.
The core issue is a metadata/instruction mismatch — the runtime asks for local file reads and script execution that are not declared, and those actions can enable destructive changes (marking payments paid, renewing leases).
Like a lobster shell, security has layers — review code before you run it.
latest: vk976gaxvwqganpnymdjgvyacy181nwd2
