Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Clawhub
v1.1.1
Install, search, update, and manage skills from ClawHub (the public OpenClaw skill registry). Use when the user wants to install a skill by slug (e.g. "clawh...
⭐ 1 · 2.8k · 31 current · 35 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
The name/description match the instructions: the SKILL.md simply documents using the external 'clawhub' CLI to install/search/update skills. It does not request unrelated credentials, binaries, or config paths.
Instruction Scope
Instructions direct the agent to run shell commands (cd into ~/.openclaw/workspace and run 'clawhub' commands) and optionally to install the CLI via 'npm i -g clawhub'. This scope is appropriate for a CLI wrapper, but there's a minor inconsistency: the doc says 'Do not auto-install without user confirmation' yet also states 'The agent will handle CLI installation and confirm when the skill is ready' (which could be read as implying autonomous installation). The SKILL.md does not instruct the agent to read unrelated files or env vars.
Install Mechanism
No install spec is included (instruction-only), which is low-risk. The only install action mentioned is a user-confirmed 'npm i -g clawhub' recommendation — installing a global npm package can execute arbitrary code from the registry, so the user should confirm the package's provenance before allowing installation.
Credentials
The skill declares no required environment variables or credentials and the instructions do not reference any secrets. Access to the user's workspace path (~/.openclaw/workspace) is necessary and expected for installing skills.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or persistent platform privileges. It does not modify other skills' configurations in the instructions.
Assessment
This skill is mostly documentation for using the external 'clawhub' CLI. Before allowing it to install or run commands, confirm: (1) that 'clawhub' comes from a trusted source (review the npm package or official project site), (2) you are comfortable running a global npm install (it can run arbitrary code), and (3) the agent should ask for explicit user confirmation before performing installations or changing files in ~/.openclaw/workspace. If you prefer, manually install 'clawhub' yourself and run the documented commands instead of granting the agent permission to do so. Also review any third-party skills you install — the SKILL.md correctly reminds you they are untrusted by default.
Like a lobster shell, security has layers — review code before you run it.
latest vk97ckqm9g1k4ckfbrj3trz0a9981ba51
