Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
configsafe
v1.0.2Infrastructure configuration auditor — scans Dockerfiles, K8s manifests, Terraform, and CI/CD pipelines for security misconfigurations
⭐ 0· 32·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description, required binaries (git, bash, python3, jq), CLI surface, and files (bash scripts + pattern definitions) align with an offline configuration scanner that offers scans, reports, and git-hook integration. Requested primary credential CONFIGSAFE_LICENSE_KEY is appropriate for Pro/Team features.
Instruction Scope
Runtime instructions and scripts are local and focused on scanning configs and installing lefthook pre-commit hooks. Hooks will run the skill's shell scripts from the skill directory on each commit (expected for a pre-commit scanner) — remember that any pre-commit hook executes arbitrary code during commits, which is normal but worth noting.
Install Mechanism
Install spec only installs the well-known 'lefthook' brew formula, which is a reasonable, low-risk choice for hook management. No archived downloads or unusual external installers are used.
Credentials
The single declared credential (CONFIGSAFE_LICENSE_KEY) is appropriate, but the code reads ~/.openclaw/openclaw.json and will attempt to parse it (SKILL.md lists that config path). The registry metadata above listed 'Required config paths: none', which is inconsistent with the SKILL.md. More importantly, license.sh embeds decoded JWT JSON directly into inline python/node -c commands (and into jq expressions) without safe escaping; a malicious or crafted license value or a tampered ~/.openclaw/openclaw.json could cause command execution or syntax injection during license validation.
Persistence & Privilege
always:false and user-invocable:true. The skill installs lefthook config into repositories when requested and sources its own scripts; it does not request permanent system-wide privileges or modify other skills' configs. Pre-commit hooks will run on commit, which is expected for this functionality.
What to consider before installing
ConfigSafe otherwise looks coherent for an offline config scanner, but exercise caution before installing: 1) The license-validation code embeds JWT payloads directly into shell-invoked python/node commands — if an attacker can supply or modify your license key or ~/.openclaw/openclaw.json this could allow code injection during license checks. 2) Hooks install will run the skill's shell scripts on every commit (normal for linters/scanners but remember hooks execute code locally). Recommended actions before installing or enabling hooks: inspect ~/.openclaw/openclaw.json and any license keys you provide; run the skill in an isolated environment (e.g., VM or disposable container) first; consider patching license.sh to parse JSON safely (e.g., pass the payload on stdin to python or use jq with a filename, avoid inlining unescaped JSON into -c strings). If you cannot verify the license source or config file integrity, treat the skill as potentially hazardous and avoid enabling automated hooks on sensitive repos.Like a lobster shell, security has layers — review code before you run it.
latestvk97djy2b4n6et9rmwpy263sh4s84vs0t
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🐳 Clawdis
OSmacOS · Linux · Windows
Binsgit, bash, python3, jq
Primary envCONFIGSAFE_LICENSE_KEY
Install
Install lefthook (git hooks manager)
Bins: lefthook
brew install lefthook