Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
OpenFleet
v1.0.0Manage your OpenFleet multi-agent workspace — create tasks, assign agents, trigger pulse cycles, manage automations, and monitor activity. Full bidirectional...
⭐ 2· 688·0 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill name/description (manage OpenFleet workspace) aligns with requiring OPENFLEET_API_KEY and use of the @open-fleet MCP server. However the SKILL.md instructs use of other tools (openclaw gateway, cloudflared) that are not listed in required binaries, which is an omission and reduces clarity about what the skill actually needs to run.
Instruction Scope
SKILL.md tells the agent/user to: run npx to launch @open-fleet/mcp-server, start an OpenClaw gateway, and expose it with cloudflared tunnel so OpenFleet can connect back. Those steps involve exposing a local service to a remote endpoint (network tunneling) and executing code fetched at runtime. The instructions also reference binaries (openclaw, cloudflared) that aren't declared; the tunnel step in particular increases attack surface and should be highlighted to users.
Install Mechanism
There is no install spec (instruction-only) which is lower risk, but the skill relies on npx to fetch and run @open-fleet/mcp-server at runtime. The SKILL.md example uses npx without pinning a package version (and with -y), which creates a supply-chain risk because it will execute the latest package from npm.
Credentials
Only OPENFLEET_API_KEY is declared and used; that is appropriate for a tool that integrates with the OpenFleet API. The SKILL.md does not request other credentials. Recommend verifying the key's scope/permissions before use.
Persistence & Privilege
always is false and the skill is user-invocable with normal autonomous invocation allowed. There is no indication the skill requests permanent system-wide changes or modifies other skills. Note: autonomous invocation plus task/agent management is powerful — follow the guidance below before enabling.
What to consider before installing
Before installing: 1) Verify the OpenFleet service and npm package are legitimate (check openfleet.sh, GitHub repo, npm package maintainers). 2) Update the skill manifest to list all required binaries (cloudflared, openclaw) or be prepared to run those manually. 3) Avoid running npx with -y/unpinned packages in production — prefer a pinned version or inspect the package contents first. 4) Be cautious about exposing a local gateway via cloudflared: this opens a tunnel from your machine to the Internet — only do this if you trust the remote service and limit network exposure (firewall, ephemeral keys). 5) Use an API key with least privilege, rotate it after testing, and monitor activity. If you want higher confidence, ask the publisher for a pinned package version, the exact npm package name/version they expect, and proof of the GitHub repo that contains the published code.Like a lobster shell, security has layers — review code before you run it.
agentsvk975bgtdcdrkgqe400b6nvt7k9816bcmlatestvk975bgtdcdrkgqe400b6nvt7k9816bcmmcpvk975bgtdcdrkgqe400b6nvt7k9816bcmorchestrationvk975bgtdcdrkgqe400b6nvt7k9816bcmtasksvk975bgtdcdrkgqe400b6nvt7k9816bcm
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
◇ Clawdis
Binsnpx
EnvOPENFLEET_API_KEY
Primary envOPENFLEET_API_KEY