Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Skill Publish
v1.0.0Safely publish skills to ClawHub. Sanitize, format, verify, and publish without modifying your local files.
⭐ 2· 885·1 current·2 all-time
byIván@ivangdavila
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The name/description (publish skills to ClawHub) align with the instructions (transform, sanitize, verify, publish). One small inconsistency: the verify.md shows an npx clawhub publish command (which implies the presence of npm/npx and ClawHub tooling/credentials), yet the skill declares no required binaries or credentials. This is plausible (the agent may prompt the user for any required auth at runtime) but should be called out.
Instruction Scope
SKILL.md + auxiliaries stay within the publishing workflow and explicitly forbid modifying originals and require user approval. Good: clear sanitization checklist and explicit verification steps. Caution: transform.md's 'Default: Include it' guidance and the suggestion to 'When in doubt, include more' encourage conservative inclusion which can increase the risk of accidentally publishing sensitive data unless the agent rigorously follows sanitize.md and verify.md.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing is written to disk by the skill itself. Low install risk.
Credentials
The skill declares no required env vars or credentials, which is appropriate for a generic publishing helper. However, the publish step (npx clawhub publish) will require network access and ClawHub authentication in practice; the skill does not document how credentials are obtained or handled. That omission is operationally important but does not necessarily indicate malicious intent.
Persistence & Privilege
always is false and the instructions explicitly require working in a separate temporary folder and never modifying original files. The skill does not ask to persist or change agent/system-level configuration. Autonomous invocation is allowed (platform default) but not by itself a concern here.
Assessment
This skill appears to implement a reasonable safe-publish workflow, but double-check before using:
- Confirm the agent actually follows the sanitize.md checklist and does not publish until you explicitly approve the verification prompt. Do not rely solely on automated detection.
- Be cautious of the transform.md advice to 'include by default' — it makes it easier to accidentally include private items. Prefer excluding when unsure and ask the agent to highlight anything it included that looks sensitive.
- The publish step uses `npx clawhub publish`; ensure you understand how ClawHub authentication will be provided (interactive login, environment variables, or token). Do not paste long-lived tokens into skill content. Prefer using ephemeral credentials or logging in interactively.
- Test the workflow on a harmless example in a temp folder (/tmp/publish-test) to confirm the agent's behavior before publishing real content.
- If you have any private files, secrets, or internal URLs, remove or genericize them manually rather than relying only on automated sanitization.
If you want higher assurance, ask the skill-author (or the agent) to show a complete, post-sanitization preview of the exact files that will be published and confirm that no credentials or private endpoints remain.Like a lobster shell, security has layers — review code before you run it.
latestvk97am92n4r43g6nhmv8zxc2d4s80yczq
License
MIT-0
Free to use, modify, and redistribute. No attribution required.