Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (tool lookup by keyword) matches the provided mapping and runtime instructions: the skill is essentially a searchable mapping of keywords → commands and guidance to run them. However, the mapping contains system-modifying and admin-level commands (rm, chown, kill, openclaw gateway start/stop, openclaw skills install/uninstall, network downloads via curl/wget) that are beyond simple read-only lookups. Those entries are explainable for a tool-runner, but they increase the risk surface and may be more powerful than a casual 'search-and-suggest' helper.
Instruction Scope
SKILL.md explicitly instructs the agent to execute selected commands and even describes self-driven and preventative maintenance modes where the agent should 'use tools' and 'execute' actions automatically. It references concrete system paths (example: ~/.openclaw/workspace) and includes execution actions (copy to clipboard, execute with -e flag). While the SKILL.md warns that dangerous commands 'need user confirmation,' it does not enforce or define how confirmations occur, and some modes imply autonomous execution without clear guardrails. This broad runtime scope (reading local files, running network/download commands, performing system administration) is higher risk than a pure suggestion-only skill.
Install Mechanism
Instruction-only skill with no install spec, no downloads, and no additional dependencies. Nothing is written to disk by an installer — lowest install risk.
Credentials
The skill requests no credentials or environment variables, which is proportional. However, the mapping contains commands that access system state and network endpoints (curl/wget, openclaw config/backup/skills management) and examples reference user-specific paths (e.g., ~/.openclaw/workspace). The skill does not declare or constrain access to those paths or explain required privileges, which is an omission the user should be aware of.
Persistence & Privilege
always:false (good) and the skill is not forced-installed. But the SKILL.md promotes 'self-driven' and periodic maintenance modes and the skill allows autonomous agent invocation (platform default). Coupling autonomous invocation with instructions to run system/network/admin commands increases blast radius — especially entries that manage OpenClaw gateway/skills or perform network downloads. Consider restricting autonomous execution or requiring explicit confirmations for dangerous actions.
What to consider before installing
This skill is a keyword→command helper and is internally consistent, but it encourages executing system, network, and OpenClaw admin commands. Before installing:
1) Review tool_keyword_map.md and remove or sandbox any destructive or admin commands (rm -rf, chown, gateway/skills install/uninstall, dd, direct network downloads).
2) Configure the agent so the skill is user-invocable only (disable self-driven/autonomous runs) or require explicit, auditable confirmation before executing any command that modifies system state or uses network.
3) Run the skill in a restricted environment (container or VM) if you plan to let it execute commands.
4) If you accept it, add safeguards: whitelist safe commands, log all executions, and prevent access to sensitive paths (e.g., ~/.openclaw, /etc, home directories) or credential stores.
If you want a lower-risk alternative, use the skill only to suggest commands and require the human to copy-and-run them manually.
Like a lobster shell, security has layers — review code before you run it.
latestvk97fbss7kbw2tdqy5fd80btta583sjer
