Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Secure API Calls
v1.0.3
Call any API without leaking credentials. Keychains proxies requests and injects real tokens server-side — your agent never sees them.
by Séverin MARCOMBES @smarcombes
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
Name/description, required binary ('keychains'), and the npm install step all align: the skill is a wrapper around the Keychains CLI/SDK to proxy credentials server-side. There are no unrelated binaries or environment variables requested.
Instruction Scope
SKILL.md confines actions to installing/using the keychains CLI/SDK and instructs the agent to send requests through keychains.dev (using placeholders like {{OAUTH2_ACCESS_TOKEN}}). This is consistent with the stated purpose. It does, however, direct the tool to create local machine keys (~/.keychains/) and route full request metadata (URL, headers, body) via keychains.dev — meaning request payloads are sent to a third-party proxy. This is expected for the service but worth explicit user trust consideration.
Install Mechanism
Install uses npm (keychains@0.0.13) to create a 'keychains' binary. npm is an expected distribution mechanism for a CLI/SDK; no arbitrary download URLs or extract steps are used. Installing globally requires write permissions and will add a binary to the system PATH.
Credentials
The skill declares no required environment variables or external credentials, which is coherent because Keychains uses placeholders and a remote vault. The skill will generate local keys (~/.keychains) for machine auth; that is proportionate to the stated SSH challenge-response authentication mechanism.
Persistence & Privilege
The skill does not request always:true and does not ask for extra system privileges, but it will create persistent local state (~/.keychains/) and communicates with an external proxy service. Autonomous model invocation remains enabled (default), so an agent could call this skill to proxy requests; consider the privacy/trust implications of allowing autonomous calls that send request bodies to keychains.dev.
Assessment
This skill appears internally consistent: it installs the Keychains CLI via npm and instructs the agent to route API calls through keychains.dev using placeholder tokens. Before installing, verify you trust the Keychains service and the npm package maintainer (review the package source, maintainers, and recent versions). Understand that the CLI will create a local keypair (~/.keychains/) and that full request metadata (URL, headers, body) will be proxied to keychains.dev — only placeholders are meant to contain secrets, but accidental inclusion of real secrets in other parts of a request would expose them to the proxy. If you require higher assurance, review the keychains npm package code, audit network traffic during a test run, pin the package version, and confirm the Keychains privacy/security documentation and ownership. Also note user-invocable:false and that autonomous model invocation is allowed by default — if you do not want an agent to call this skill without explicit user action, disable model invocation or avoid installing the skill.
Tags: latest; security credentials api oauth keychains zerotrust
Runtime requirements
🔐 Clawdis
Bins: keychains
Install
Install Keychains CLI (npm)
Bins: keychains
npm i -g keychains@0.0.13