Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Pipeworx jikan

v1.0.0

Jikan MCP — wraps the Jikan v4 API (anime/manga data, free, no auth)

by Bruce Gutman (@brucegutman)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to wrap the Jikan v4 API (no auth), which matches the description. However, the SKILL.md instructs the agent to use npx to run mcp-remote and connect to https://gateway.pipeworx.io/jikan/mcp. The metadata did not declare that node/npx is required or that a remote proxy/gateway will be used, which is a minor incoherence.
Instruction Scope
Instructions explicitly tell the agent to run 'npx -y mcp-remote@latest https://gateway.pipeworx.io/jikan/mcp'. That causes the agent to download and execute a remote npm package and route requests through an external gateway. While this is consistent with providing a managed wrapper, it means requests and any data sent may transit the pipeworx gateway, and the agent will execute code fetched at runtime; neither behavior is obvious from the simple description.
Install Mechanism
There is no install spec, but the runtime uses npx to fetch and run 'mcp-remote@latest' from the npm ecosystem. npx-based runtime installs execute remote package code (moderate-to-high risk). The skill does not declare or explain this install/execution step in the registry metadata.
Credentials
The skill requests no environment variables, credentials, or config paths — this is proportionate to a public, no-auth API wrapper.
Persistence & Privilege
The skill is not 'always' enabled and does not ask to modify other configs. Autonomous invocation is allowed (the platform default); combined with the remote-exec behavior this increases the blast radius, but autonomous invocation alone is expected.
Scan Findings in Context
no_regex_findings (expected): The registry scanner found nothing because the skill is instruction-only (no code files). Absence of findings is expected but does not imply safety.
What to consider before installing
This skill will cause the agent to run 'npx -y mcp-remote@latest' and connect to https://gateway.pipeworx.io/jikan/mcp. That means: (1) code is downloaded and executed at runtime from the npm registry, so review the mcp-remote package source (and its maintainers) before trusting it; (2) API requests and any data the agent sends will pass through the pipeworx gateway, so review its privacy/security policy if you care about data exposure; (3) the skill metadata did not list npx/node as a required binary, so expect to need Node.js/npx available; (4) if you require stricter control, ask for an explicit install spec (a trusted release URL or a pinned package version) or prefer a skill that calls the Jikan API directly without remote package execution. Consider testing in a sandboxed environment and/or disabling autonomous invocation until you have verified both the package and the gateway.
