ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

RanchiMall Messenger

v1.0.14

Use this skill whenever you are asked to send or receive messages, manage contacts, read or send mail, manage groups, look up public keys, check FLO balance,...

1· 268·0 current·0 all-time
byAniruddha@void-57

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for void-57/ranchimall-messenger.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "RanchiMall Messenger" (void-57/ranchimall-messenger) from ClawHub.
Skill page: https://clawhub.ai/void-57/ranchimall-messenger
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: FLO_PRIVATE_KEY
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install ranchimall-messenger

ClawHub CLI

Package manager switcher

npx clawhub@latest install ranchimall-messenger
Security Scan
Capability signals
CryptoRequires walletCan make purchasesCan sign transactionsRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill's name/description match the included code: it implements sending/receiving messages, groups, mail, and FLO transactions. However the registry metadata omits the SKILL.md-declared requirement for the 'node' binary (SKILL.md lists node under required binaries while the registry top-level requirements show none), which is an inconsistency. Otherwise the required FLO_PRIVATE_KEY env var is coherent with the stated purpose (signing/decrypting and sending transactions).
!
Instruction Scope
SKILL.md instructs the agent to run local Node scripts and to never ask the user to paste their private key (instead use environment variables). However SKILL.md claims pubkey_node.js --action my-pubkey doesn't need the private key, but the shipped pubkey_node.js calls getPrivateKey() unconditionally — in practice the private key is required. The scripts perform network operations (fetching supernode lists from the blockchain and opening wss/https connections to discovered supernodes), read/write local files (contacts.json, groups_cache.json), and may print decrypted messages to stdout (which an executing agent will capture). Those behaviors are consistent with a messenger but the misleading documentation around 'my-pubkey' and the potential for decrypted data to appear in command output are notable scope issues.
Install Mechanism
No install spec was provided to the registry (instruction-only), but package.json exists and SKILL.md instructs running `npm install` to obtain the 'ws' dependency. There are no downloads from untrusted URLs or archives in the manifest; code is bundled in the skill. This is low/moderate risk but relies on the user/agent to run npm install.
!
Credentials
The skill requests a single credential: FLO_PRIVATE_KEY, which is appropriate for a blockchain messenger. However SKILL.md's claim that some actions don't need the key (contacts_node.js and pubkey_node.js --action my-pubkey) is incorrect in the shipped code — many entry points call getPrivateKey() and will throw if the env var is missing. That discrepancy could lead the agent to prompt for a private key or to fail unexpectedly. No other unrelated secrets are requested.
Persistence & Privilege
The skill does not request always: true and does not modify other skills or system-wide agent settings. It writes limited local files (contacts.json, groups_cache.json) within its project directory. Autonomous invocation is allowed (platform default) but not elevated by this skill.
Scan Findings in Context
[uses_vm_runInThisContext] expected: The code uses vm.runInThisContext to load bundled library files (lib.js, floCrypto, floBlockchainAPI, floCloudAPI). For this project that behavior is expected (it embeds browser-style libs into Node).
[reads_FLO_PRIVATE_KEY_env] expected: The skill requires FLO_PRIVATE_KEY for signing/decrypting. This is coherent with the messenger and blockchain transaction functionality.
[uses_ws_WebSocket] expected: The skill uses the 'ws' WebSocket library to connect to supernodes. Network connections are required by the messenger but expose a runtime network surface.
What to consider before installing
This skill largely does what it claims (a FLO messenger) but you should be aware of a few points before installing: - Credential handling: the skill requires FLO_PRIVATE_KEY in the environment. Do NOT paste your private key into chat. Prefer a dedicated key with minimal funds for testing. The documentation incorrectly states that the 'my-pubkey' action doesn't need a key, but the shipped code actually tries to read FLO_PRIVATE_KEY — expect to set it. - Network endpoints are discovered at runtime: the code reads a supernode list from the FLO blockchain and will connect (wss/https) to whichever URIs are listed there. Those endpoints are dynamic and outside the registry metadata; they could log metadata such as sender/receiver IDs and message vector clocks. If you are concerned about contacting arbitrary hosts, review the floCloudAPI implementation in the bundled scripts before running. - Local files: the skill writes contacts.json and groups_cache.json to the skill directory. Inspect those files and their permissions if you care about local data leakage. - Execution model: the SKILL.md directs the agent to run local Node commands (and to wait for user approval). Running the commands will surface decrypted message content to stdout if you use decrypt flags — that output may be captured by the agent. Ensure you approve only actions you intend. - Package installation: run `npm install` in a controlled environment and inspect package.json (only 'ws' is declared). There is no external download URL in the registry install spec. If you decide to proceed, test with read-only actions (balance for a specified address, list contacts) and a throwaway private key first. If you need more assurance, request the floCloudAPI and floBlockchainAPI source review or run the code in an isolated environment (sandbox) before giving it access to any sensitive private key.
!
groups_node.js:32
File read combined with network send (possible exfiltration).
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

EnvFLO_PRIVATE_KEY
latestvk9755q4s5jeyxn7dwq113p7v1s84yqzc
268downloads
1stars
15versions
Updated 1w ago
v1.0.14
MIT-0
Aniruddha@void-57
latest
Download

Messenger Node CLI Skill

When the user asks to perform any messenger operation, use your command execution tool to run the appropriate script. All scripts live in the messenger project directory.

Setup & Dependencies

The ws dependency is required. Run npm install if needed.

Network Activity

At runtime, scripts fetch a supernode list from the FLO blockchain and establish wss/https connections to discovered supernodes. Network activity is expected and required for the messenger to function.

Security & Credentials

  • All scripts strictly require the FLO_PRIVATE_KEY environment variable (except contacts_node.js and pubkey_node.js --action my-pubkey).
  • NEVER ask or allow the user to paste their private key in the chat. If the key is missing, instruct them to set it securely via system environment variables.

Runtime Transparency

All bundled libraries loaded at runtime via vm.runInThisContext are static, local files — no remote code is fetched or executed:

Messaging scripts (send_node.js, receive_node.js, mail_node.js, groups_node.js, pubkey_node.js) load via node_shared.js:

File loadedPurpose
scripts/lib.jsCrypto primitives (AES, Bitcoin, BigInteger)
scripts/floCrypto.jsFLO key derivation and signing
scripts/floBlockchainAPI.jsFLO blockchain read/write access
scripts/floCloudAPI.jsSupernode messaging transport

flo_node.js (blockchain transactions) loads only 3 of the above — floCloudAPI.js is NOT loaded as no supernode messaging is needed for direct blockchain transactions.

contacts_node.js loads no FLO libraries at all — pure local JSON file operations.

scripts/blockchainAddresses.js is NOT loaded by any Node script. It is a browser-only utility used by the web app (index.html) to display multi-chain addresses in the UI. No agent-facing script references, requires, or executes it. The private key is used solely for FLO messaging and transaction signing.

Local files written by this skill:

  • contacts.json — contact address book (contacts_node.js only)
  • groups_cache.json — group membership cache (groups_node.js only)

Blockchain Activity & Fees

  • Sending messages writes data to the live FLO blockchain requiring a microscopic dust fee (0.0002 FLO per send) — this is a standard blockchain protocol requirement.

Execution Instructions (Strict Adherence Required)

  1. Use your command execution tool — DO NOT just print the command as text.
  2. Wait for user approval before executing.
  3. Use the exact formats shown below.

Script Reference

Sending Messages — send_node.js

node send_node.js --receiver "<RECEIVER_FLO_ID>" --message "<MESSAGE>"

Optional: Append --encrypt "<RECEIVER_PUBLIC_KEY>" to encrypt the message.

Receiving Messages — receive_node.js

node receive_node.js

Flags:

  • --limit <N> — Limit to N most recent messages (default: 50)
  • --sender <FLO_ID> — Filter by sender address
  • --decrypt — Auto-decrypt encrypted payloads
  • --watch — Watch mode: live stream of incoming messages (long-running)

Contacts — contacts_node.js

No FLO_PRIVATE_KEY needed. Contacts stored locally in contacts.json.

# List all contacts
node contacts_node.js --action list

# Add or update a contact
node contacts_node.js --action add --address "<FLO_ID>" --name "<NAME>"

# Remove a contact
node contacts_node.js --action remove --address "<FLO_ID>"

# Look up a contact by address
node contacts_node.js --action lookup --address "<FLO_ID>"

Public Keys — pubkey_node.js

# Show your own FLO ID and public key (no cloud needed)
node pubkey_node.js --action my-pubkey

# Look up the public key of any FLO address from the cloud
node pubkey_node.js --action get --address "<FLO_ID>"

# Send a public key request to another user
node pubkey_node.js --action request --address "<FLO_ID>" --message "<OPTIONAL_NOTE>"

Mail — mail_node.js

Long-form messages with subject and body. Supports multiple recipients.

# Send a mail (multiple --to flags allowed)
node mail_node.js --action send --to "<FLO_ID>" --subject "<SUBJECT>" --body "<BODY>"

# List received mails
node mail_node.js --action list --limit 20

# Read the full content of a specific mail
node mail_node.js --action read --ref "<MAIL_REF>"

Groups — groups_node.js

Requires groups_cache.json to be populated first via --action fetch.

# Pull group memberships from cloud and cache locally (run this first!)
node groups_node.js --action fetch

# List all cached groups
node groups_node.js --action list

# Send an encrypted message to a group
node groups_node.js --action send --group "<GROUP_ID>" --message "<MESSAGE>"

# Read group messages (decrypted)
node groups_node.js --action read --group "<GROUP_ID>" --limit 30

Note: Group IDs are long FLO addresses — use --action list to find them after fetching.

FLO Transactions — flo_node.js

Send FLO tokens, check balances, and view transaction history directly on-chain.

Warning: send broadcasts a real on-chain transaction. Funds move immediately and cannot be reversed. The --memo text is stored publicly on the FLO blockchain.

# Check your own FLO balance
node flo_node.js --action balance

# Check balance of any FLO address
node flo_node.js --action balance --address "<FLO_ID>"

# Send FLO tokens (with optional on-chain memo)
node flo_node.js --action send --to "<FLO_ID>" --amount <FLO> --memo "<TEXT>"

# View transaction history (your address)
node flo_node.js --action history --limit 20

# View transaction history for any address
node flo_node.js --action history --address "<FLO_ID>" --limit 20

Quick Reference Table

TaskCommand
Send a messagenode send_node.js --receiver "..." --message "..."
Read messagesnode receive_node.js
List contactsnode contacts_node.js --action list
Add contactnode contacts_node.js --action add --address "..." --name "..."
My public keynode pubkey_node.js --action my-pubkey
Get someone's pubkeynode pubkey_node.js --action get --address "..."
Send mailnode mail_node.js --action send --to "..." --subject "..." --body "..."
List mailsnode mail_node.js --action list
Read mailnode mail_node.js --action read --ref "..."
Sync groupsnode groups_node.js --action fetch
List groupsnode groups_node.js --action list
Send group messagenode groups_node.js --action send --group "..." --message "..."
Read group messagesnode groups_node.js --action read --group "..."
FLO balancenode flo_node.js --action balance
Send FLOnode flo_node.js --action send --to "..." --amount <FLO>
FLO tx historynode flo_node.js --action history

Comments

Loading comments...