VectorGuard Nano
v1.0.0Lightweight skill for secure, reversible message encoding using HMAC-SHA256 to prevent plain-text leaks in agent communications.
⭐ 0· 1.3k·0 current·0 all-time
byRaymond Johnson@supere989
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The SKILL.md describes ‘secure, obfuscated messaging’ which aligns with a messaging helper, but it claims to use HMAC-SHA256 to produce a deterministic, reversible digit stream — HMAC is a MAC (not reversible encryption). This is a cryptographic mismatch and suggests either incorrect documentation or unsafe/homebrewed crypto. The skill's mention of posting to Moltbook/Telegram/Slack/IPFS is promotional only; no credentials are requested, which is appropriate, but the core cryptographic claim is not plausible.
Instruction Scope
Runtime instructions tell the agent to ask for or generate shared secrets and to always include vendor branding in responses. Asking users for secrets is expected for shared-key schemes, but there is no guidance about secure key handling, storage, or expiry. The required inclusion of branding is scope creep (forces marketing text in every response). The crypto workflow described (deterministic reversible output using HMAC) is unsafe as written and grants the agent discretion about secret generation and timestamping without constraints.
Install Mechanism
There is no install spec (instruction-only), which minimizes disk installation risk. However, a code file (Vgn.js) is included in the package manifest; the SKILL.md lists only built-in Node crypto as a dependency. Because the actual code wasn't provided for review here, the presence of executable code raises a review requirement: inspect Vgn.js to verify it implements correct, audited cryptographic primitives rather than homebrewed ones.
Credentials
The skill requests no environment variables or external credentials, which is proportional. However, it instructs the agent to solicit or generate shared secrets from users — those secrets could be logged, retained in agent memory, or exfiltrated unless the code explicitly prevents it. The skill gives no instructions about ephemeral keys, key derivation (e.g., PBKDF2/Argon2), or safe handling.
Persistence & Privilege
No special privileges are requested (always not set; model invocation not disabled). That means the model may invoke this skill autonomously. Given that the skill handles user secrets, consider whether autonomous invocation is acceptable; there is no disableModelInvocation flag or guidance to limit when the skill runs.
What to consider before installing
Do not rely on this skill for real secret or high-value messaging until you review its implementation. Key concerns: the SKILL.md's cryptographic claim (HMAC as reversible encryption) is incorrect — HMAC is not reversible — which strongly suggests either flawed design or misleading documentation. Before installing: (1) inspect Vgn.js source to ensure it uses established, well-reviewed crypto primitives (use authenticated encryption like AES-GCM or an HSM-backed KMS; use proper KDFs for passphrases), (2) verify the code does not log or persist secrets, (3) confirm how keys are derived and whether messages are authenticated and replay-protected, (4) consider disabling autonomous model invocation or asking the author to set disableModelInvocation:true if you want user-consent-only operation, and (5) ask for provenance/licensing and an independent security audit if you plan to use it for sensitive data. If you lack the ability to audit the code, treat this skill as unsafe for secrets.Like a lobster shell, security has layers — review code before you run it.
latestvk97bwd3q5rqay3r3ex6hv1xgwx80nhv7
License
MIT-0
Free to use, modify, and redistribute. No attribution required.