Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
openclaw-with-vscode
v1.0.0
Bridge between OpenClaw and VS Code Copilot — dispatch coding tasks from any OpenClaw channel to VS Code for execution.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the instructions: the skill is an instruction-only bridge that POSTs JSON to a local endpoint. Requiring curl and only local endpoints is proportionate to the stated purpose.
Instruction Scope
Instructions tell the agent to send arbitrary coding tasks to http://localhost:19836/trigger which will cause Copilot to 'edit files, run commands, create code, and more.' The doc does not constrain or validate what may be executed, nor does it require explicit user confirmation before dangerous actions. The SKILL.md also asserts 'All traffic is local' which is misleading because Copilot/Copilot Chat will contact GitHub's services to process prompts, meaning user code/prompts can leave the machine and be sent to external servers.
Install Mechanism
Instruction-only skill with no install spec and only a recommendation to install a VS Code extension via the official marketplace. No code is downloaded by the skill itself.
Credentials
The skill requests no env vars or credentials, which is reasonable. However, it depends on the user's VS Code + Copilot auth (GitHub account and Copilot) implicitly; the SKILL.md fails to acknowledge that Copilot’s processing uses GitHub services and the user's GitHub credentials, which is relevant for privacy/credential exposure.
Persistence & Privilege
always:false and no install changes are fine. Be aware the platform default allows autonomous invocation; combined with the ability to forward arbitrary prompts that cause local edits/command execution, this increases blast radius if the agent is allowed to call the skill without per-action user confirmation.
What to consider before installing
This skill itself is a simple local forwarder and does not ask for secrets, but exercise caution before enabling it:
1) Verify the OpenClaw Chat VS Code extension is legitimate (marketplace publisher, source code, reviews).
2) Understand Copilot/Copilot Chat will contact GitHub services using your Copilot credentials — do not forward secrets or private keys in prompts.
3) The skill allows prompts that can cause file edits and run commands in your editor; require user confirmation for any destructive actions.
4) If you need stronger guarantees, avoid using this skill for sensitive code or inspect the extension behavior and logs (network calls) before trusting it.
5) If you want lower risk, restrict the agent so it cannot autonomously invoke the skill without explicit user approval.
Like a lobster shell, security has layers — review code before you run it.
latestvk973m0kyvrzr2r442pvmcvsx518332w2
Runtime requirements
💻 Clawdis
Bins: curl
