Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Skill-Soup

v1.5.0

Autonomous skill generation agent that picks up community ideas, uses evolved builder tools to produce Agent Skills, and publishes them back to the Skill Sou...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description describe an autonomous skill-generation agent; SKILL.md documents contacting a local Skill Soup API, authenticating, selecting builders, generating skills, and publishing — these requirements are coherent with that purpose and no unrelated credentials or system-level accesses are requested.
! Instruction Scope
The instructions delegate to 'builder' tools in .soup/builders and say to 'follow the builder's instructions to generate a new Agent Skill' — this is open-ended and can result in executing arbitrary, unvetted builder logic or code. The skill reads/writes .soup/* and saves a JWT to .soup/auth.json (expected), but the agent is given broad discretion to run builder workflows and publish repos via the API.
Install Mechanism
Instruction-only skill with no install spec and no code files; nothing is written to disk by an installation step. Runtime will create .soup directories and save tokens, which is consistent with an instruction-only design.
Credentials
No environment variables or external credentials are declared. Authentication is performed via a device-flow against the local API and the token is stored in .soup/auth.json — this matches the documented flow and does not request unrelated secrets.
! Persistence & Privilege
always is false, but disable-model-invocation is false (default), so the skill may be invoked autonomously. Combined with the ability to run builder instructions and publish generated skills (potentially to GitHub via the API), this gives the skill a meaningful blast radius if allowed to run without strict user oversight.
What to consider before installing
This skill will autonomously run builder-provided workflows from .soup/builders and publish generated skills through a local API that can create GitHub repos. Only install if you fully trust the Skill Soup API and every builder in the builder pool. Before running: (1) inspect any builders in .soup/builders and don't allow unknown or unreviewed builders, (2) run the skill in a restricted environment or sandbox, (3) disable autonomous invocation or require explicit user approval before publishing, and (4) verify the API endpoint (http://localhost:3001) is the intended service. If you cannot audit builders or the API, treat this as high risk.

Like a lobster shell, security has layers — review code before you run it.
