Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
A transparent proxy for the Facebook Graph API. Replace the domain, pass your Yuri API token, and call any Facebook endpoint — no Facebook access token needed on the client side.
Yuri Graph Gateway — Facebook Graph API Proxy Service Usage Guide
v1.0.10
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md and included _meta.json declare a single sensitive credential (YURI_TOKEN) which matches the described proxy purpose. However the registry summary at the top of the submission claims no required env vars / no primary credential, which contradicts the skill files. There is also a version mismatch (registry shows 1.0.10, _meta.json is 1.0.8). This metadata incoherence could be accidental but makes it harder to verify the provider and trust the package.
Instruction Scope
The runtime instructions are limited to proxy usage: sign up at baiz.ai, obtain a Yuri token, and replace graph.facebook.com with facebook-graph.baiz.ai and use YURI_TOKEN as access_token. The guidance explicitly warns about token-in-URL risks and recommends least-privilege test tokens. The instructions do not ask the agent to read local files or access unrelated environment variables.
Install Mechanism
This is instruction-only with no install spec and no code files. That is lowest install risk (nothing is written to disk by the skill itself).
Credentials
The skill declares one sensitive credential (YURI_TOKEN), which is proportionate for a proxy service. However the top-level registry metadata contradicted that by listing no required env vars/primary credential. Also, a proxy necessarily implies that the provider will manage/hold Facebook access tokens (if you link an account or request access), which is a high-privilege operation outside the agent — the SKILL.md does warn about this and tells users not to hand over production credentials until the provider is verified.
Persistence & Privilege
No 'always:true' flag; the skill is user-invocable and can be invoked autonomously (platform default). There is no install script and no code that modifies other skills or system settings. No excessive persistence is requested by the skill itself.
Scan Findings in Context
[no-findings] expected: The static scanner found nothing to analyze because this skill is instruction-only (no code files). That absence is expected but means there is no source code to audit here — review provider resources (homepage, docs, audited code) yourself.
What to consider before installing
This skill behaves as a simple Graph API proxy and only needs one token (YURI_TOKEN), which is reasonable — but do not hand over production Facebook credentials until you verify the provider. Steps to reduce risk before installing:
1) Ask the publisher to fix and re-publish consistent metadata (registry fields should list YURI_TOKEN as required and version should match).
2) Request audited/open-source gateway code or third-party security review and a clear privacy policy about how Facebook tokens and request data are stored and for how long.
3) Use a least-privilege, short-lived, test Facebook account/token when first trying the gateway.
4) Prefer server-side usage where possible (avoid embedding tokens in client-side code or URLs), and rotate tokens after testing.
5) If you need stronger assurance, host your own proxy or use a well-known, audited gateway provider.
If the provider supplies verifiable docs and corrected metadata, re-evaluate — this assessment may shift toward benign.
