ClawHub

Pipeworx fbiwanted

v1.0.0

Search the FBI's Most Wanted list — fugitives, missing persons, and wanted individuals with photos and case details

0· 56·0 current·0 all-time
byBruce Gutman@b-gutman
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (search FBI wanted) align with declared requirements: only curl is needed and the SKILL.md shows HTTP calls to a remote API that returns wanted-person records.
Instruction Scope
Instructions direct the agent to query https://gateway.pipeworx.io/fbiwanted/mcp (and provide an MCP example). This is expected for a remote-search skill, but it does send user queries to that external service — avoid sending sensitive PII in queries.
Install Mechanism
No install spec is present (instruction-only), which is low-risk. However the provided MCP config uses 'npx -y mcp-remote@latest', which would fetch and execute code from the npm registry at runtime — a common but non-zero risk if you do not trust the upstream package or gateway.
Credentials
The skill requests no environment variables, credentials, or config paths — proportional to its purpose.
Persistence & Privilege
always is false and there are no declarations to modify other skills or system-wide settings. Model invocation is allowed (default) which is normal for skills.
Assessment
This skill is coherent with its purpose: it sends search queries to the Pipeworx gateway and returns FBI wanted records. Before installing, verify you trust the gateway (https://gateway.pipeworx.io) and the Pipeworx project/homepage. Do not submit sensitive personal data or secrets in queries, since those will be transmitted to the external service. Note the MCP example uses npx to fetch mcp-remote@latest at runtime — that will execute code from npm, so if you require stricter controls, avoid using the npx-based MCP flow or inspect the package first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bgjxv6syw6886t5xc1e62e984fmeq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔎 Clawdis
Binscurl

Comments