Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Jits Builder
v1.0.0
Instantly build, deploy, and access single-page, vanilla JS mini-apps from voice or text descriptions via a Cloudflare tunnel URL.
by Danny Shmueli (@dannyshmueli)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md describes building single-file client apps and making them available via a Cloudflare tunnel, which legitimately requires Node.js (to serve) and a cloudflared binary (to create tunnels). However, the skill does not document how Cloudflare auth/certificates are provided or why no Cloudflare credentials or configuration are declared; that omission is inconsistent with the stated deployment goal.
Instruction Scope
The runtime instructions direct the agent to save generated apps under /data/clawd/jits-apps/, start local servers, and create Cloudflare tunnels. They also state that cloudflared will be auto-downloaded to /tmp if missing. These runtime actions include network exposure and arbitrary binary download/execution, and they are broader than a simple code-generation helper; the SKILL.md does not limit or explain where the binary comes from or how tunnels are authenticated.
Install Mechanism
There is no formal install spec, but the skill claims it will auto-download the cloudflared binary at runtime. Auto-downloading and executing binaries at runtime is higher risk when the source/URL is not documented. package.json exists (implying Node usage) but there is no declared install step or vetted source list.
Credentials
No environment variables or credentials are declared despite the skill creating public tunnels; in practice cloudflared typically requires authentication (a cert or account linkage). The lack of declared credentials or guidance for how to securely supply them is a mismatch between required capabilities and declared requirements.
Persistence & Privilege
The skill is not marked always:true, but model invocation is not disabled. That means the agent could autonomously run the script, download a binary, start servers and tunnels, and publish URLs without additional gating. Combined with network-exposing behavior, this is a notable privilege to leave unconstrained.
What to consider before installing
This skill's goal (quickly build and publish single-file apps) is plausible, but it performs risky runtime actions: auto-downloads a binary and creates public tunnels. Before installing or enabling it, review the jits.sh script content to see exactly what it downloads and from where, and verify package.json dependencies. Prefer running it in an isolated environment (container or sandbox). Require explicit Cloudflare credentials or a documented, trusted auth flow rather than implicit auto-downloading of cloudflared. If you will allow model-initiated runs, consider disabling autonomous invocation or restricting the skill so it cannot start tunnels without your explicit approval.
Like a lobster shell, security has layers — review code before you run it.
latestvk975h5c42k8h7ptcwj3xkg0ec5804ffm
