Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Manus AI Skill for OpenClaw

v0.1.0

Autonomous AI agent from Manus with research, development, automation, and media generation capabilities.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description match the implemented behavior: scripts call https://api.manus.ai and require MANUS_API_KEY. The skill claims connectors (Gmail, Notion, Calendar, Slack) but the local code does not implement OAuth flows — those connectors appear to be provided by the Manus platform, which is consistent with only needing the Manus API key.
Instruction Scope
SKILL.md instructs the agent to run local Python scripts and optionally start a webhook server. The runtime instructions and scripts only read ~/.clawdbot/clawdbot.json for the API key and otherwise send prompts/files to Manus endpoints. This is within scope, but note: any file uploaded or prompts sent will be transmitted to an external service (Manus). The README and SKILL.md also state the platform can 'install software' and 'maintain sessions' — that is a platform capability claim, not implemented by the local code.
Install Mechanism
No install spec (instruction-only install) and the bundled scripts are plain Python. There are no downloads from untrusted URLs or archive extraction. package.json exists (no automatic npm install required by the skill manifest). Low install risk.
Credentials
Only MANUS_API_KEY is requested (primary credential) and scripts also optionally read ~/.clawdbot/clawdbot.json for the same key. This is proportionate to a remote API integration. However, the MANUS_API_KEY grants Manus-side capabilities (connectors, webhooks, task creation) so it is a high-value credential — treat it accordingly.
Persistence & Privilege
always:false and no requests to modify other skills or system-wide configs. The skill can be invoked autonomously per platform default (disable-model-invocation:false) which is normal; note that autonomous use combined with a valid API key can create tasks and consume credits on the Manus account.
Scan Findings in Context
[pre-scan:none-detected] expected: Static scan found no injection signals or suspicious regex matches. The code contains normal network calls to api.manus.ai which are expected for this integration.
Assessment
This skill appears to do what it says: it forwards prompts, files, and webhook registrations to Manus using MANUS_API_KEY. Before installing:
1) Only provide a Manus API key you trust — the key allows creation of tasks, use of connectors, and may consume credits.
2) Do not upload sensitive files unless you understand Manus's data handling and retention policies.
3) If you plan to register webhooks, ensure the webhook URL you supply is secure (HTTPS, authenticated) and does not expose internal services.
4) Consider testing with a limited/sandbox Manus account and monitor credit usage.
5) If you need on-device-only functionality, note this skill sends data off-box; it does not implement local Gmail/Notion OAuth flows (those are expected to be handled by Manus).

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🧠 Clawdis
Env: MANUS_API_KEY
Primary env: MANUS_API_KEY
