ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Raspberry Pi

v1.0.0

Set up and maintain Raspberry Pi avoiding common hardware and configuration pitfalls.

2· 1.2k·0 current·0 all-time
byIván@ivangdavila
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description align with the SKILL.md content: hardware, storage, GPIO, networking, Docker, headless setup and troubleshooting tips. No unrelated binaries, env vars, or config paths are requested.
Instruction Scope
Most instructions stay within the Pi setup/maintenance scope. One notable instruction recommends installing Docker via `curl -fsSL https://get.docker.com | sh`, which advises downloading and executing a remote script — a common but potentially dangerous practice. The guidance otherwise sticks to expected files and settings and does not instruct reading unrelated files or exfiltrating data.
Install Mechanism
There is no install spec and no code files; this is instruction-only, so nothing will be written to disk by the skill itself. Risk is limited to following the recommended external installation commands in the doc.
Credentials
The skill requests no environment variables, credentials, or config paths — proportional to its stated purpose.
Persistence & Privilege
The skill is not flagged always:true and does not request persistent/system-level changes. Autonomous invocation is allowed by default (not a concern by itself).
Assessment
This skill is coherent and useful for Raspberry Pi setup, but be cautious: the SKILL.md recommends running `curl -fsSL https://get.docker.com | sh` which downloads and executes a script from the network. Before running such commands, inspect the script, prefer verified package repositories or distribution packages when available, and verify the URL (get.docker.com is the official Docker convenience script but piping to sh still carries risk). Also: verify ARM image compatibility, backup important data before changing storage, prefer SSD/USB root for durability, and avoid exposing SSH directly — use VPN/Tailscale/Cloudflare Tunnel as suggested. If you have low security expertise, avoid blindly executing remote installers and ask for the exact commands or alternatives (e.g., package manager steps for your OS/arch).

Like a lobster shell, security has layers — review code before you run it.

latestvk977t5ep95jqrwnkxtxcb52hgd80xmp8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🍓 Clawdis
OSLinux · macOS

Comments