Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
S³ Incident Runbook Templates
v1.0.0
Create structured incident response runbooks with step-by-step procedures, escalation paths, and recovery actions. Use when building runbooks, responding to...
by Solomon Neas (@solomonneas)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name and description match the contents: templates and step-by-step operational runbooks for incident response. The commands and sections (kubectl, psql, curl, rollout undo, scaling, network policy) are plausible and expected in an on-call/infrastructure runbook. However, some items (internal endpoints, Sentry/Grafana links, feature-flag APIs) are placeholder/organization-specific and the SKILL.md assumes access to internal infrastructure without declaring those needs.
Instruction Scope
The instructions include concrete, executable commands (kubectl, psql, curl, kubectl apply, pg_terminate_backend, rollout undo, scaling) that would perform destructive or high-privilege actions if executed. They reference environment variables ($DB_HOST, $DB_USER) and internal endpoints (api.company.com, prometheus, grafana, sentry) that are not declared in requires.env. The skill also suggests applying network policies and terminating DB backends — actions beyond mere read-only diagnostics. Because SKILL.md could be used to drive an agent to run these commands, the lack of explicit guardrails (explicitly requiring human confirmation or declaring that commands are examples only) is a concern.
Install Mechanism
Instruction-only skill (no install spec, no code files). This minimizes disk/installation risk because nothing is written or downloaded by the skill itself.
Credentials
The skill declares no required environment variables or credentials but the runbooks reference sensitive values and services (DB_HOST, DB_USER, internal API endpoints, PagerDuty/Slack/Pager integrations, psql auth). That mismatch means the instructions assume access to secrets and internal systems without declaring or justifying them. Users should not supply full DB or cloud credentials to this skill without strict controls.
Persistence & Privilege
The skill is not always-enabled and doesn't request persistent privileges or modify other skills. However, it instructs high-privilege operational steps; combined with the platform default that the agent can invoke the skill autonomously, this increases the blast radius if the agent is permitted to execute commands. There are no special install-time persistence concerns.
Scan Findings in Context
[no_scan_findings] expected: The regex-based scanner found nothing — expected because this is an instruction-only SKILL.md with no code files. Absence of findings does not mean the instructions are safe; the file clearly references sensitive commands and environment variables.
What to consider before installing
This skill is coherent for building incident runbooks, but treat it as a recipe for human operators rather than something to run automatically. Before installing or letting an agent execute these instructions:
1) Do not provide DB or cloud credentials to the skill; supply examples or redact secrets.
2) Require explicit human confirmation for any destructive command (rollbacks, pg_terminate_backend, kubectl apply/scale).
3) Limit the agent's execution environment and Kubernetes/DB permissions (use least privilege, test in staging).
4) Verify and replace placeholder internal endpoints (api.company.com, prometheus, grafana, sentry) with your real URLs or remove them.
5) Have on-call/infrastructure owners review and approve the runbook steps and any referenced scripts (resources/implementation-playbook.md appears referenced but not included).
If you need the agent to perform actions, consider adding stricter guards (declared required env vars, explicit confirmation prompts, and scoped short-lived credentials).
Like a lobster shell, security has layers — review code before you run it.
Tags: incident-response, latest, playbooks, runbooks, soc
