Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Keys Manager
v0.5.1
Manage API keys locally from the terminal using the `keys` CLI. Use when users want to store, retrieve, search, import, export, or organize API keys and secr...
by Satyam Raj (@stym06)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign (high confidence)
Purpose & Capability
The name/description (local API key management) matches the declared requirement (the `keys` binary) and the runtime instructions. No unrelated credentials, services, or system paths are requested.
Instruction Scope
Instructions tell the agent to run `keys` commands that read/write .env and .keys.required files, open TUIs, export/inject secrets into shell commands, and perform local-network peer sync via mDNS. These are coherent with a key manager, but features like `inject`, `expose`, and `sync` can cause secrets to be placed into child processes, stdout, or network transfers — so they deserve careful operational attention.
Install Mechanism
The skill is instruction-only (no install spec). The README suggests installing `keys` via Homebrew or `go install` from github.com/stym06/keys, which is a plausible, traceable source. The skill itself will not download or write code.
Credentials
No environment variables or external credentials are requested by the skill. Example usage references common keys (OPENAI_KEY, DATABASE_URL) but that is explanatory, not a requirement of the skill.
Persistence & Privilege
The skill is not always-enabled and is user-invocable. It may be invoked autonomously by the agent (platform default). Because the skill runs a local CLI that can access and output secrets, autonomous invocation increases the risk of accidental secret exposure if a malicious or misconfigured agent executes commands — this is an operational risk, not an incoherence in the skill itself.
Assessment
This skill is a thin instruction set for using the third‑party `keys` CLI; it doesn't itself request extra credentials or install code. Before you use it:
1) verify you trust and have inspected the `keys` binary source (brew tap or GitHub repo) before installing;
2) be cautious with commands that print or inject secrets (`keys expose`, `keys inject`, `eval $(keys expose)`) as they can place secrets into shell history, child processes, or environment variables;
3) avoid using sync over untrusted networks and confirm passphrases when transferring keys between machines; and
4) if you allow autonomous agent invocation, understand the agent could run `keys` commands that access local secrets — limit agent permissions or require user confirmation for sensitive operations if that is a concern.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
Bins: keys
