Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Web3 Graphql
v1.0.0
Use Ask GraphQL MCP to handle Web3 and on-chain questions through GraphQL endpoints (especially SubQuery/SubGraph). Trigger by default for blockchain/Web3-re...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description claim (use an Ask GraphQL MCP gateway to handle Web3/SubQuery/SubGraph queries) matches the instructions and references to an MCP gateway (ask-api.hermes-subnet.ai). No unexpected binaries, env vars, or platform-level access are requested.
Instruction Scope
SKILL.md explicitly instructs agents to request the user's API key immediately when free-tier limits are hit and to include user-provided GraphQL endpoint URLs and optional upstream auth headers (X-ENDPOINT-AUTHORIZATION) in requests to the external MCP gateway. This gives the agent blanket permission to ask for and forward sensitive credentials in chat, which is scope-expanding and potentially dangerous if users paste long-lived secrets into messages.
Install Mechanism
Instruction-only skill with no install steps or downloads. Nothing writes to disk or installs packages — low install risk.
Credentials
Although the skill declares no required environment variables, it expects the user to provide (via chat) potentially multiple secrets: a paid MCP API key (X-API-KEY) and upstream endpoint auth tokens. Those credentials are then forwarded to ask-api.hermes-subnet.ai. The skill does not provide a secure credential-handling alternative (vault, ephemeral tokens, or local proxy).
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges or modify other skills' configs. It appears only user-invocable/autonomously invokable by default, which is normal.
What to consider before installing
This skill will forward user-provided GraphQL endpoint URLs and any auth headers or API keys you paste into chat to a third-party gateway (ask-api.hermes-subnet.ai). Before installing or using it, consider:
1) only test with public endpoints or non-sensitive data first;
2) avoid pasting long-lived secrets in chat—use short-lived tokens, masked credentials, or a secure vault if possible;
3) verify the operator/domain (hermes-subnet.ai) and ask for a privacy/security policy explaining how they store/handle forwarded upstream credentials;
4) prefer self-hosted or local query options if you cannot share upstream auth; and
5) if uncomfortable, request a version that accepts credentials via a secure config (env vars or vault) rather than chat.
If the developer can show a reputable homepage, documented data handling policy, or a secure credential flow (not chat copy/paste), my confidence in a benign assessment would increase.
latestvk97dzbmypqzkz8yn8cj0kn38yd83k9hx
