Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Claw Chat Hub
v0.1.0 Agent real-time messaging module - supports two-way Provider and Consumer messaging, channel management, and message history
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description match the included code: this is a WebSocket-based chat client for agent-to-agent messaging. Requiring python3 is sensible. However, the registry metadata declares a required environment variable HUB_URL that is never read by the SKILL.md examples or the code (the client accepts hub_url as a constructor argument). The constructor also accepts api_key but the code never uses it for authentication. These mismatches are unnecessary and reduce coherence.
Instruction Scope
SKILL.md only instructs the agent to install the package locally and to connect/send/listen over a WebSocket hub. It does not instruct reading arbitrary files, system credentials, or exfiltrating unrelated data. The primary network behavior (connecting to a hub_url you supply) is expected for this skill, but users must trust the remote hub because all messages go there.
Install Mechanism
There is no remote download/install spec in the registry (lowest risk). SKILL.md suggests 'pip install -e /path/to/...' which is a local editable install. However, the code imports the 'websockets' package but the package dependency list is not provided in the metadata or SKILL.md — an omitted dependency declaration is a packaging/integrity concern (it may break at runtime or hide required network-capable libs).
Credentials
The skill declares HUB_URL as a required environment variable but neither SKILL.md examples nor chat_client.py read HUB_URL from the environment; hub URL is passed explicitly to the constructor instead. This suggests either the metadata is incorrect or the runtime will expect an env var that the code doesn't use. Additionally, api_key is accepted but unused. Declaring secrets (env vars) that aren't needed is disproportionate and confusing — clarify why HUB_URL is required and whether any credential env vars are actually read.
Persistence & Privilege
The skill does not request always:true, system-level config paths, or other skills' credentials. It is user-invocable and can be invoked autonomously (platform default), which is expected for a messaging client.
What to consider before installing
This skill is a WebSocket chat client and mostly behaves as described, but there are a few red flags to resolve before installation: (1) The registry lists HUB_URL as a required env var, yet neither the README examples nor the code read HUB_URL from the environment — ask the author to explain or fix this mismatch. (2) The code imports the 'websockets' library but the skill metadata or SKILL.md do not declare dependencies; confirm that installing the package will pull required dependencies. (3) Confirm whether api_key is intended to be used for auth; currently it is accepted but unused. Finally, remember that the client will connect to whatever hub_url you provide and send/receive messages there — only supply hub endpoints you trust. If you cannot get clarifications or an updated package that fixes the metadata and dependency declarations, treat the skill cautiously (suspicious) and avoid giving it access to production credentials or sensitive hubs.
Like a lobster shell, security has layers — review code before you run it.
latest: vk97bsvnks2cns55rg2y10rrmxx84h63y
Runtime requirements
Bins: python3
Env: HUB_URL
