Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Phoenix Shield

v1.0.0

Self-healing backup and update system with intelligent rollback. Protects against failed updates by automatically monitoring system health post-update and recovering from backups when needed. Features canary deployment testing, health baselines, smart rollback, and 24/7 automated monitoring. Use when performing critical system updates, managing production deployments, or ensuring high availability of services. Prevents downtime through pre-flight checks, integrity verification, and automatic recovery workflows.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md describes a system-level backup/update tool and all runtime examples are consistent with that purpose (snapshots, apt/npm, systemctl, backups). However the skill is instruction-only and does not declare the required binary, installation, or the privileged access typically needed for these operations.
! Instruction Scope
The runtime instructions direct the agent to execute system-level commands (apt, systemctl, package installs), read and write /var/backups and /root hooks, run multi-server deployments, and pass arbitrary --command payloads. The doc does not specify how remote targets are authenticated or how privileged operations are granted; the instructions give the agent broad discretion to run potentially destructive commands.
Install Mechanism
No install spec (instruction-only). This is low install risk, but it also means the SKILL.md assumes a 'phoenix-shield' CLI already exists on the system without saying where it comes from or how to obtain it, which is an operational gap.
! Credentials
The skill declares no required env vars or credentials, yet examples require access to backup directories, root hooks, package managers, and remote servers. That mismatch suggests missing credential/config requirements (SSH keys, sudo/root, DB access) that are necessary for the described functionality.
Persistence & Privilege
always:false (normal) and model invocation is allowed (platform default). Combined with instruction scope (ability to run arbitrary commands), autonomous invocation would increase risk — but autonomous invocation alone is expected. The skill does not request persistent privileges itself.
What to consider before installing
This SKILL.md instructs running system-level updates, backups, and arbitrary commands but includes no install source, no origin/homepage, and declares no credentials — that mismatch is risky. Before using: (1) verify the origin of the 'phoenix-shield' binary and inspect its code or vendor; (2) do not run in production without testing in an isolated VM; (3) require explicit human confirmation before any destructive action and avoid running as root where possible; (4) ensure any multi-server operations have secure, explicit authentication (SSH keys) and that you trust the tool that will be executing commands remotely; (5) prefer a tool with a published installation/release (GitHub/releases or vendor site) and documented permissions. If you cannot verify the binary/source and its privilege requirements, treat this skill as untrusted.

Like a lobster shell, security has layers — review code before you run it.
