Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Webmcp Bridge
v0.1.2
Connect a website to the local-mcp browser bridge through a fixed UXC link. Use when the user needs to operate native WebMCP sites or adapter-backed sites th...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
The name and description match the requested artifacts: uxc links, per-site profiles under ~/.uxc/webmcp-profile/<site>, and use of @webmcp-bridge/local-mcp. Required tools (uxc, npx) and the included scripts (ensure-links.sh, validate.sh) are appropriate for creating and managing those links.
Instruction Scope
SKILL.md limits actions to creating links, inspecting bridge state, switching modes, and recovering sessions. It explicitly instructs use of uxc and npx. A noteworthy behavior: the workflow runs npx to fetch/execute @webmcp-bridge/local-mcp (and optionally adapter packages or local adapter modules), which means remote/npm code or local adapter modules will be executed as part of normal operation — this is expected for the skill but is a source of risk if untrusted adapters are used.
Install Mechanism
There is no install spec (instruction-only), which is low-risk for installation. However, the default launcher uses npx -y to run an npm package, which will fetch and run code from the network at launch time. The included shell scripts are plain and do not download arbitrary archives; they rely on uxc and npx being present.
Credentials
The skill declares no required env vars and the only environment influence in scripts is optional (WEBMCP_LOCAL_MCP_COMMAND, WEBMCP_DAEMON_IDLE_TTL). It writes per-site profiles under the user's HOME, which is necessary for its stated purpose. No unrelated credentials or config paths are requested.
Persistence & Privilege
always is false. The skill's agent metadata allows implicit/autonomous invocation (policy.allow_implicit_invocation: true), and the scripts create persistent links and profile directories in the user's HOME. This is coherent with the purpose, but persistent artifacts mean actions are not ephemeral — links and profiles remain on disk and can be invoked later.
Assessment
This skill appears to do what it says: create stable uxc launcher links and per-site profiles for local-mcp. Before installing or running:
1) Be aware the default launcher uses `npx -y ...` which will download and execute packages from npm each time it runs — only use it for packages/adapters you trust.
2) The script will create persistent profile directories under ~/.uxc/webmcp-profile/<site> and register commands via uxc; expect those artifacts to remain until you remove them.
3) Avoid passing untrusted adapter-module values or remote npm packages unless you trust their source.
If you need higher assurance, inspect the code of @webmcp-bridge/local-mcp and any adapter packages before use.
Like a lobster shell, security has layers — review code before you run it.
