Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using it.

GreenClaw

v1.0.0

Token usage analytics and budget alerting for the GreenClaw inference proxy. Query spending, set budget alerts, and track savings.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
View report →
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md describes token usage analytics, budget alerts, and traces for a GreenClaw inference proxy — that matches the skill name and description. Nothing in the instructions obviously tries to do unrelated actions (no cloud credential requests or unrelated remote services).
Instruction Scope
The runtime instructions tell the agent to run 'npx greenclaw' (after 'pnpm install' and 'pnpm build') and to read/use a local SQLite DB (GREENCLAW_TELEMETRY_DB, default data/telemetry.db). The registry metadata declared no env vars or config paths, but the SKILL.md references an environment variable and a local DB path. The instructions also implicitly require Node/npm/pnpm/npx to be present; those required binaries are not declared. Running npx/pnpm can fetch and execute arbitrary code from the npm registry and run package build scripts, which expands the runtime scope beyond simple CLI use.
Install Mechanism
There is no install spec in the registry metadata, yet SKILL.md expects to install and run a package via pnpm/npx. That means the agent (or user) will fetch code from the npm registry at runtime with no vendoring, checksum, or provenance declared — moderate-to-high operational risk if the package or its dependencies are malicious or compromised.
Credentials
The skill declares no required environment variables or credentials, but the instructions reference GREENCLAW_TELEMETRY_DB for the SQLite path and default to data/telemetry.db. This is an undeclared data/config access requirement. The skill also implicitly requires Node/npm/pnpm tooling (binaries) which are not declared. Asking the agent to read a local telemetry DB can expose sensitive usage data; the absence of explicit env/config declarations is a proportionality mismatch.
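The telemetry database is the one piece of local data this skill reads, so the practical check is to look at what is in it before an agent tool gets a handle on it. The following is an added example, not code from the GreenClaw skill or from ClawHub: it walks every table in a SQLite file (opened read-only) and reports cells that look like API keys or bearer tokens. The schema and rows it builds are constructed for illustration; the real data/telemetry.db layout is not documented on this page, which is why the scan is schema-agnostic.

```python
"""Scan a SQLite telemetry database for secret-looking values before pointing a tool at it.

Added example, not part of the GreenClaw skill. The sample schema below is invented;
scan_sqlite_for_secrets() reads sqlite_master, so it works on any schema.
"""
import os
import re
import sqlite3
import tempfile

# Patterns for common credential shapes. Conservative minimum lengths keep noise down.
SECRET_PATTERNS = {
    "openai_style_key": re.compile(r"\bsk-[A-Za-z0-9_-]{20,}\b"),
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "bearer_token": re.compile(r"\bBearer\s+[A-Za-z0-9._~+/-]{20,}=*", re.IGNORECASE),
    "github_token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,}\b"),
}


def scan_sqlite_for_secrets(path: str) -> list[tuple[str, str, str]]:
    """Return (table, column, pattern_name) for every TEXT cell that matches a secret pattern."""
    hits = []
    # mode=ro: the scan must never modify the telemetry file it is auditing.
    con = sqlite3.connect(f"file:{path}?mode=ro", uri=True)
    try:
        tables = [r[0] for r in con.execute(
            "SELECT name FROM sqlite_master WHERE type='table' AND name NOT LIKE 'sqlite_%'")]
        for table in tables:
            quoted = '"' + table.replace('"', '""') + '"'   # identifiers cannot be bound as parameters
            cols = [r[1] for r in con.execute(f"PRAGMA table_info({quoted})")]
            for row in con.execute(f"SELECT * FROM {quoted}"):
                for col, value in zip(cols, row):
                    if not isinstance(value, str):
                        continue
                    for name, pat in SECRET_PATTERNS.items():
                        if pat.search(value):
                            hits.append((table, col, name))
    finally:
        con.close()
    return hits


def build_sample_db(path: str) -> None:
    """Constructed telemetry DB: a requests table whose prompt column has leaked credentials."""
    con = sqlite3.connect(path)
    con.executescript("""
        CREATE TABLE requests (id INTEGER PRIMARY KEY, model TEXT, prompt TEXT, tokens INTEGER);
        CREATE TABLE budgets (name TEXT, limit_usd REAL);
    """)
    con.executemany("INSERT INTO requests (model, prompt, tokens) VALUES (?, ?, ?)", [
        ("gpt-4o", "Summarise this quarterly report", 812),
        ("gpt-4o", "Debug this: curl -H 'Authorization: Bearer abcdefghijklmnopqrstuvwxyz123456' ...", 240),
        ("claude-3", "Here is my key sk-FAKEexampleKEY0123456789abcdefXYZ please use it", 91),
    ])
    con.execute("INSERT INTO budgets VALUES ('team-a', 500.0)")
    con.commit()
    con.close()


def scan_sample() -> list[tuple[str, str, str]]:
    """Build the constructed DB in a temp dir and scan it; returns the hit list."""
    with tempfile.TemporaryDirectory() as tmp:
        db = os.path.join(tmp, "telemetry.db")
        build_sample_db(db)
        return scan_sqlite_for_secrets(db)


if __name__ == "__main__":
    for table, col, kind in scan_sample():
        print(f"{table}.{col}: {kind}")
```

Run it against a copy of the database rather than the live file; if it reports hits, scrub or drop those columns in the copy and point GREENCLAW_TELEMETRY_DB at the copy instead of the original.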
Persistence & Privilege
The skill is instruction-only and not marked 'always:true'. It does not request persistent presence or modify other skills' configs. Autonomous model invocation remains allowed (platform default) but is not combined with other high-privilege flags.
What to consider before installing
This skill appears to do what it claims (usage analytics), but the SKILL.md and the registry metadata disagree in ways that matter. Before installing or running it:
1) Ask the publisher for the package source (npm package name, homepage, or GitHub repo) and verify the package and its maintainers.
2) Don't run 'pnpm install', 'pnpm build', or 'npx greenclaw' on hosts you care about without inspecting the package first: pnpm and npx fetch and execute code, including lifecycle (install and build) scripts. Inspect the package source, audit its install scripts, or run it in an isolated container.
3) Be aware the tool reads a SQLite telemetry DB (GREENCLAW_TELEMETRY_DB, default data/telemetry.db); make sure that database holds no secrets you don't want exposed, and consider pointing the tool at a copy or a restricted path.
4) Ask the author to update the registry metadata to declare the required binaries (node, npm, npx, pnpm) and any environment variables or config paths, and to provide a verified homepage or repository.
If you cannot verify provenance, treat this skill as potentially risky and run it only in a sandbox.
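The Install Mechanism finding and step 2 above both come down to the same pre-flight check: fetch the package tarball without executing anything (for example with 'npm pack <name>' or 'pnpm pack', which write the tarball to disk without running lifecycle hooks) and read its manifest before any install. The function below is an added example, not code from the GreenClaw skill or from ClawHub. It audits a package.json for the things that turn "install a CLI" into "run arbitrary code": lifecycle scripts that npm/pnpm execute automatically, dependencies that resolve outside the registry (git, http, local paths), floating version ranges, and the executables npx would expose. The manifest it ships with is constructed for illustration; the real greenclaw package name and contents are not given on this page.

```python
"""Pre-flight audit of an npm package manifest before letting pnpm/npx run it.

Added example, not part of the GreenClaw skill or ClawHub. SAMPLE_MANIFEST is
constructed; in practice, load the package.json from the tarball that
`npm pack <name>` / `pnpm pack` produced, which fetches without executing hooks.
"""
import json
import re

# Hooks that npm and pnpm run automatically during install (unless --ignore-scripts).
LIFECYCLE_SCRIPTS = ("preinstall", "install", "postinstall", "prepare", "prepublish")

# Dependency specifiers that bypass the registry: git, GitHub shorthand, http(s) tarballs, local paths.
NON_REGISTRY = re.compile(r"^(git\+|git:|github:|https?://|file:|link:|\.|/)")

# Exact semver pin with optional prerelease/build tag; anything else is a floating range.
EXACT_PIN = re.compile(r"^\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?$")


def audit_manifest(manifest: dict) -> list[str]:
    """Return human-readable findings; an empty list means nothing noteworthy was declared."""
    findings = []

    scripts = manifest.get("scripts", {})
    for hook in LIFECYCLE_SCRIPTS:
        if hook in scripts:
            findings.append(f"lifecycle script '{hook}' runs on install: {scripts[hook]}")

    for section in ("dependencies", "devDependencies", "optionalDependencies"):
        for name, spec in manifest.get(section, {}).items():
            if NON_REGISTRY.match(spec):
                findings.append(f"{section}: {name} resolves outside the registry ({spec})")
            elif not EXACT_PIN.match(spec):
                findings.append(f"{section}: {name} is a floating range ({spec})")

    # "bin" may be a string (single executable named after the package) or a map of name -> path.
    if "bin" in manifest:
        bins = manifest["bin"]
        if not isinstance(bins, dict):
            bins = {manifest.get("name", "?"): bins}
        for cmd, path in bins.items():
            findings.append(f"npx will expose executable '{cmd}' -> {path}")

    return findings


# Constructed manifest; NOT the real greenclaw package.json.
SAMPLE_MANIFEST = {
    "name": "example-proxy-analytics",
    "version": "1.0.0",
    "bin": {"example-proxy-analytics": "dist/cli.js"},
    "scripts": {
        "build": "tsc -p .",
        "postinstall": "node scripts/fetch-helper.js",
    },
    "dependencies": {
        "better-sqlite3": "^9.4.0",
        "chalk": "5.3.0",
        "left-pad-fork": "git+https://github.com/someone/left-pad-fork.git",
    },
}


def audit_manifest_file(path: str) -> list[str]:
    """Convenience wrapper for a package.json on disk (e.g. extracted from `npm pack`)."""
    with open(path, encoding="utf-8") as fh:
        return audit_manifest(json.load(fh))


if __name__ == "__main__":
    for finding in audit_manifest(SAMPLE_MANIFEST):
        print("-", finding)
```

Any lifecycle-script finding means 'pnpm install' will execute that command on your host; read the script it names before deciding, or install with '--ignore-scripts' and run the build step yourself inside a container. Non-registry dependencies deserve the same treatment, since their contents can change without a new version being published.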


