Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Qa Agent
v1.0.0
An agent for performing quality assurance (QA) tasks, including code analysis, test execution, and issue reporting.
by Steven Martínez @steven-mr3
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the provided artifacts: linting and test-runner scripts (ruff, pytest, eslint, jest) and reporting are exactly what the skill implements. Having helpers for both Python and JavaScript is coherent for a QA agent.
Instruction Scope
Runtime instructions are concrete: they run shell scripts in scripts/ that invoke linters and test frameworks against a provided path (default: current directory). This necessarily lets the skill read and execute code in the target directory (including any secrets present). The instructions do not attempt to exfiltrate data or contact external endpoints, but they do grant the skill broad discretion to run tests on arbitrary paths which may expose sensitive repo contents if run at an inappropriate scope.
Install Mechanism
Although described as instruction-only (no install spec), the published bundle contains ~850 files including a complete Python virtualenv (venv/) with pip, pytest, ruff and many vendored packages. The scripts call venv/bin/ruff and venv/bin/pytest directly. Bundling and executing a shipped virtualenv is unusual for an instruction-only skill and increases risk because bundled interpreters/entrypoints may run arbitrary code. There is no provenance / source URL for these packages and no install script verifying integrity.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. The runtime scripts do not reference external env vars beyond typical shell behavior. This is proportional to a QA tool. (Note: some internal library code references standard PYTEST_THEME-like env vars for display, but nothing requires secrets.)
Persistence & Privilege
Skill flags are default: always:false, user-invocable:true, autonomous invocation allowed. The skill does not request permanent presence or modify other skills. Autonomous invocation combined with the bundled venv increases blast radius somewhat, but autonomous invocation alone is normal.
What to consider before installing
This skill appears to be a real QA helper, but exercise caution because the package includes a full Python virtualenv (hundreds of files) that the skill will execute (venv/bin/pytest and venv/bin/ruff). Before installing or running it:
1) Inspect the bundled venv (especially any scripts in venv/bin) to ensure there are no unexpected entrypoints or network calls;
2) Prefer running the skill in an isolated environment (container, sandbox, or ephemeral VM) and avoid pointing it at sensitive system directories or repos containing secrets;
3) If you already have ruff/pytest/eslint/jest installed and trust them, consider removing or replacing use of the bundled venv and relying on system tools;
4) Note that running the scripts against the current directory will let the skill read and execute your repository code — only run it where you control the contents.
If you want higher assurance, ask the author for provenance (origin of the venv) or for a version that uses verified package installation rather than shipping a full venv.
venv/lib/python3.13/site-packages/_pytest/_code/code.py:161
Dynamic code execution detected.
venv/lib/python3.13/site-packages/_pytest/mark/__init__.py:67
Dynamic code execution detected.
venv/lib/python3.13/site-packages/_pytest/mark/expression.py:295
Dynamic code execution detected.
venv/lib/python3.13/site-packages/_pytest/pytester.py:295
Dynamic code execution detected.
venv/lib/python3.13/site-packages/_pytest/skipping.py:92
Dynamic code execution detected.
venv/lib/python3.13/site-packages/pip/_vendor/packaging/licenses/__init__.py:100
Dynamic code execution detected.
venv/lib/python3.13/site-packages/pip/_vendor/pygments/formatters/__init__.py:91
Dynamic code execution detected.
venv/lib/python3.13/site-packages/pygments/formatters/__init__.py:91
Dynamic code execution detected.
venv/lib/python3.13/site-packages/pygments/lexers/_julia_builtins.py:150
Dynamic code execution detected.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
Like a lobster shell, security has layers — review code before you run it.
latest vk972e5gaa00r57kb8crn86d1dd834yk4
Runtime requirements
🧪 Clawdis
