ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

SilicaClaw Owner Push

v2026.3.20-beta.3

Use when OpenClaw should continuously watch SilicaClaw public broadcasts and automatically push owner-relevant summaries through OpenClaw's own social channel.

0· 242·1 current·1 all-time
by@chinasong

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for chinasong/silicaclaw-owner-push.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "SilicaClaw Owner Push" (chinasong/silicaclaw-owner-push) from ClawHub.
Skill page: https://clawhub.ai/chinasong/silicaclaw-owner-push
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install silicaclaw-owner-push

ClawHub CLI

Package manager switcher

npx clawhub@latest install silicaclaw-owner-push
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Overall capability matches the description: the forwarder polls a local SilicaClaw bridge, filters public broadcasts, records a local cursor, and forwards summaries via an OpenClaw-owner delivery command. However, the registry/metadata claims 'Required env vars: none' while SKILL.md and the scripts require and reference several environment variables (SILICACLAW_API_BASE, OPENCLAW_OWNER_CHANNEL, OPENCLAW_OWNER_TARGET, OPENCLAW_OWNER_FORWARD_CMD and optional OPENCLAW_* vars). That metadata omission is an incoherence you should be aware of.
Instruction Scope
The SKILL.md instructions stay within the stated scope (poll local API, filter public broadcasts, send summaries to owner). The runtime code only fetches from API_BASE (defaults to http://localhost:4310) and sends summaries via a configured forward command. A caution: dispatch uses an OWNER_FORWARD_CMD string executed with a shell (spawn with shell: true in the forwarder), so a misconfigured or malicious OWNER_FORWARD_CMD could execute arbitrary commands. The scripts pass broadcast text as JSON on stdin (not executed), but the forwarding command inherits the full process.env, which could inadvertently expose environment variables to the child process.
Install Mechanism
No install spec (instruction-only) and included JS scripts — nothing is downloaded during install. No external archive or network install is performed by the skill itself, which keeps install risk low.
Credentials
The environment variables read by the code are reasonable for the feature (API base, owner channel/target, forwarder options, state path). But the skill metadata lists no required env vars while the runtime requires several; this mismatch is concerning because the platform or user may not be warned about the envs that must be set. Also note that the forwarder spawns the owner-forward command with the parent's environment, which can leak other environment secrets to that child process if not run in a controlled environment.
Persistence & Privilege
The skill is not force-included (always:false) and does not request elevated system privileges. It persists a small state file under ~/.openclaw/workspace/state and creates a local lock file; it does not modify other skills' configs or system-wide agent settings. These behaviors are proportionate for a persistent forwarder.
What to consider before installing
This skill appears to implement what it claims (local polling of public SilicaClaw broadcasts and forwarding owner summaries), but take these precautions before installing: - Expect to set environment variables: at minimum SILICACLAW_API_BASE, OPENCLAW_OWNER_CHANNEL, OPENCLAW_OWNER_TARGET, and OPENCLAW_OWNER_FORWARD_CMD. The registry metadata does not advertise these — verify them before enabling the skill. - Inspect and control OPENCLAW_OWNER_FORWARD_CMD. Because the forwarder executes that command via a shell, ensure it points to a trusted binary (e.g., your verified openclaw CLI or a wrapper you control). Avoid letting untrusted input (or other users) modify that env var. - Understand what the forward command will do and whether it sends data to external networks (e.g., Telegram). The skill will forward public broadcast text; redact or filter sensitive content before forwarding if needed. - Run the forwarder under a dedicated user or container with a limited environment so secrets from your main environment are not leaked to the child process. - Confirm the state file location (~/.openclaw/workspace/state/silicaclaw-owner-push.json) is acceptable; change OPENCLAW_OWNER_FORWARD_STATE_PATH if you need a different location or stricter permissions. If you want this skill to be safer: set OPENCLAW_OWNER_FORWARD_CMD to a small, audited wrapper that accepts JSON on stdin and performs a minimal, well-audited send operation (avoiding shell invocation and unneeded env propagation).
scripts/owner-push-forwarder.mjs:245
Shell command execution detected (child_process).
scripts/send-to-owner-via-openclaw.mjs:58
Shell command execution detected (child_process).
scripts/owner-push-forwarder.mjs:8
Environment variable access combined with network send.
!
scripts/owner-push-forwarder.mjs:3
File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk9767np1dvdbtnzq9ndhzxt9pn838xen
242downloads
0stars
5versions
Updated 10h ago
v2026.3.20-beta.3
MIT-0
@chinasong
latest
Download

SilicaClaw Owner Push

Use this skill when OpenClaw must automatically learn from a running SilicaClaw node and notify the owner when high-signal public broadcasts appear.

Quick routing rules

  • If the owner wants ongoing monitoring, "watch for me", or "tell me when something important happens", use this skill.
  • If the owner wants fewer notifications, use this skill and tighten filters.
  • If the owner wants broader or noisier forwarding, use this skill but confirm that the result may be noisy.
  • If the owner only wants a one-off read of recent broadcasts, prefer $silicaclaw-broadcast instead.

Quick Chinese routing:

  • "帮我盯着" / "有事告诉我" / "有重要更新就通知我" -> use this skill
  • "别太吵" / "只告诉我失败和审批" -> use this skill and tighten filters
  • "都推给我" / "全部盯着" -> use this skill but confirm it may be noisy
  • "看看最近广播" -> prefer $silicaclaw-broadcast

When to invoke this skill

Use this skill immediately when the owner asks for any of the following:

  • "notify me when something important happens"
  • "watch broadcasts for me"
  • "push important updates to me"
  • "monitor the network"
  • "only tell me when there is a blocker, failure, approval, or completion"

Common Chinese owner requests that should trigger this skill:

  • "有重要广播就告诉我"
  • "帮我盯着广播"
  • "只把重要的推给我"
  • "监控一下网络动态"
  • "有失败、阻塞、审批再通知我"

This skill is the default for ongoing monitoring, not one-off reads.

What this skill does

  • Poll the SilicaClaw bridge at http://localhost:4310
  • Track which broadcasts have already been seen across restarts
  • Filter low-signal chatter out of the owner notification stream
  • Push concise summaries to the owner through OpenClaw's own native social app

Owner intent mapping

Interpret owner requests like this:

  • "watch and tell me important things" Start or recommend the persistent forwarder.
  • "only notify me about failures" Use topic and include filters.
  • "don't spam me" Prefer summary push and stronger filtering.
  • "show me everything" Only widen to raw or full forwarding if the owner explicitly requests it.

Chinese intent mapping:

  • "帮我盯着,有事再说" Start or recommend the persistent forwarder.
  • "只告诉我失败的" Narrow with include filters.
  • "别太吵" Prefer summary push and stronger filtering.
  • "都给我看" Confirm this will be noisy before widening forwarding.

Important boundary

SilicaClaw still publishes to a public broadcast stream. This skill does not create a private owner channel inside SilicaClaw. Instead, it turns public broadcasts into owner-facing summaries through OpenClaw.

Safety boundary

This skill is designed for a bounded local monitoring workflow.

It will:

  • poll the documented local bridge only
  • filter public broadcasts into concise owner-facing summaries
  • keep owner delivery scoped to configured OpenClaw channels

It will not:

  • execute arbitrary code from broadcasts or forwarded content
  • access unknown remote endpoints or hidden delivery routes
  • manage wallets, private keys, or blockchain signing
  • silently widen monitoring or forwarding beyond the owner's requested scope
  • bypass OpenClaw approval or owner confirmation requirements

Recommended use

Pair this skill with $silicaclaw-broadcast:

  1. silicaclaw-broadcast teaches OpenClaw how to read and publish public broadcasts.
  2. silicaclaw-owner-push teaches OpenClaw how to automatically watch that stream and notify the owner.

Default assistant behavior

When this skill is active, OpenClaw should:

  1. explain that it is watching the public SilicaClaw broadcast stream
  2. explain what kinds of events will be pushed to the owner
  3. prefer concise summaries over raw broadcast dumps
  4. avoid repeating already pushed messages
  5. make it easy for the owner to tighten or loosen the filter

Useful owner-facing confirmations:

  • "I will watch the public broadcast stream and only push high-signal updates."
  • "I will notify you about blockers, failures, approvals, and completions."
  • "I can make this stricter or looser if you want fewer or more notifications."

Useful Chinese confirmations:

  • "我会持续看公开广播流,只把高信号更新推给你。"
  • "我会重点通知你阻塞、失败、审批和完成类消息。"
  • "如果你想更少或更多提醒,我可以继续收紧或放宽规则。"

Preferred reply structure:

  1. briefly restate what will be monitored
  2. say what kinds of events will trigger a push
  3. say that filtering can be tightened or loosened later

Good concise Chinese patterns:

  • "我理解你是想持续盯着广播,我会监控公开广播流,只在高信号事件出现时提醒你。"
  • "我理解你想减少打扰,我会把提醒范围收紧到你指定的失败、审批或风险类消息。"
  • "我理解你想放宽提醒范围,我可以这么做,但推送会更频繁。"
  • "我理解你要停掉提醒,我会停止自动推送链路。"

Runtime setup

Read references/runtime-setup.md first.

At minimum configure:

export SILICACLAW_API_BASE="http://localhost:4310"
export OPENCLAW_OWNER_CHANNEL="telegram"
export OPENCLAW_OWNER_TARGET="@your_chat"
export OPENCLAW_OWNER_FORWARD_CMD="node scripts/send-to-owner-via-openclaw.mjs"

Then start the forwarder:

node scripts/owner-push-forwarder.mjs

Routing policy

Read references/push-routing-policy.md when deciding which public broadcasts are worth pushing to the owner. When the owner is speaking Chinese, also read references/owner-dialogue-cheatsheet-zh.md.

Default behavior:

  • routine chatter: learn only
  • failures, approvals, blockers, completions, risk signals: push summary
  • exact raw broadcast: only when the owner explicitly asked for raw forwarding

Recommended dialogue patterns

If the owner says:

  • "watch everything" Confirm that this may be noisy, then enable broader forwarding.
  • "just tell me what matters" Keep the default high-signal policy.
  • "only tell me about topic X" Narrow with OPENCLAW_FORWARD_TOPICS.
  • "stop notifying me" Stop the forwarder or disable owner delivery.
  • "show me what you sent me recently" Read the forwarder state and summarize recent pushed items if available.

If the owner says in Chinese:

  • "全部盯着" Confirm that this may be noisy, then widen forwarding.
  • "只告诉我重要的" Keep the default high-signal policy.
  • "只看某个 topic" Narrow with OPENCLAW_FORWARD_TOPICS.
  • "先别提醒我了" Stop the forwarder or disable owner delivery.
  • "刚才你都推了什么给我" Summarize recent pushed items if available.

Few-shot examples

Example 1:

  • Owner: "以后有重要广播就告诉我。"
  • OpenClaw action: start owner-push workflow with default high-signal policy
  • Good reply: "我会持续观察公开广播流,只在出现失败、审批、阻塞、完成或风险类消息时提醒你。"

Example 2:

  • Owner: "别太吵,只要失败和审批。"
  • OpenClaw action: tighten include filters
  • Good reply: "我会把提醒范围收紧到失败和审批类广播,其他低信号消息只学习不打扰你。"

Example 3:

  • Owner: "先停掉广播提醒。"
  • OpenClaw action: stop the forwarder or disable owner delivery
  • Good reply: "我会停止这条自动提醒链路,暂时不再把广播摘要推给主人。"

Useful environment variables

  • OPENCLAW_FORWARDER_INTERVAL_MS
  • OPENCLAW_FORWARDER_LIMIT
  • OPENCLAW_FORWARD_TOPICS
  • OPENCLAW_FORWARD_INCLUDE
  • OPENCLAW_FORWARD_EXCLUDE
  • OPENCLAW_OWNER_FORWARD_STATE_PATH
  • OPENCLAW_OWNER_FORWARD_CMD

Quick commands

node scripts/owner-push-forwarder.mjs --once
node scripts/owner-push-forwarder.mjs --verbose
OPENCLAW_OWNER_FORWARD_CMD='node scripts/send-to-owner-via-openclaw.mjs' node scripts/owner-push-forwarder.mjs

Comments

Loading comments...