Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Paid Bundle V1.1
v1.1.1
Production-validated OpenClaw skills built for production Claude Code deployments. Compaction, loop termination, session memory, bash security, agent memory...
by ~K¹yle Million @thebrierfox
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md describes production-focused architectures (compaction, loop termination, memory scoping, bash validators, coordinator/fork patterns), and the requested actions (copy SKILL.md files to ~/.openclaw/workspace/skills and set a memory dir) align with that purpose. However, the bundle claims 7 phase files but this package contains only a single descriptor; that omission is inconsistent with the stated package contents, and no source is provided (homepage/source unknown).
Instruction Scope
Runtime instructions tell the user to copy seven SKILL.md files into the agent skills directory and to set CLAUDE_CODE_REMOTE_MEMORY_DIR for persistent memory; the descriptor also references 'file scanning' and forked agent behavior. Those capabilities (persisting/scanning files, spawning/forking agents, sharing caches) expand what an agent may access and do autonomously — so you must inspect the actual per-phase SKILL.md files before installation. The metadata claims no required env vars but the doc explicitly instructs setting CLAUDE_CODE_REMOTE_MEMORY_DIR, an inconsistency.
Install Mechanism
There is no automated install spec (instruction-only), so nothing will be written automatically by an installer. That lowers technical install risk, but the instructions assume you will obtain and copy seven SKILL.md files from the package — those files are not present here and no authoritative download location or release host is provided. Manual file copying from an unknown source is a potential supply-chain risk.
Credentials
The bundle requests a single non-secret env var (CLAUDE_CODE_REMOTE_MEMORY_DIR) for persistence; that by itself is reasonable. But registry metadata lists no required env vars while the SKILL.md mandates this variable — an inconsistency. Also enabling remote/persistent memory and file-scanning behaviors increases how much local data an agent may access; while not a credential request, this is a higher-privilege capability and should be justified and audited.
Persistence & Privilege
The skill instructs installing persistent SKILL.md files into the agent skills directory and sets up remote-memory persistence (survives WSL2 resets), plus multi-agent coordinator and forked-agent patterns. Those persistent capabilities and agent-spawning behaviors broaden the blast radius for an autonomously-invoking agent. 'always' is false, but combined with the other capabilities this heightens risk if you enable these features without code/content review.
What to consider before installing
Do not install blindly. Before copying anything:
1) obtain the seven phase SKILL.md files from a trustworthy source (official ClawHub or the known vendor) — do not paste files from random locations;
2) manually inspect each phase SKILL.md to see exactly what file paths, scans, or commands the agent will run (look for any references to reading system files, credentials, network exfiltration, or exec of arbitrary binaries);
3) confirm why CLAUDE_CODE_REMOTE_MEMORY_DIR is needed and pick a restricted path (not a system or root-owned dir);
4) run the bundle first in an isolated VM or disposable account to observe behavior;
5) prefer vendors that publish source/release URLs and checksums;
6) if you allow autonomous invocation, limit model/skill permissions and monitor logs for unexpected spawning or file access.
If you cannot verify the origin of the missing phase files or cannot review their contents, treat the bundle as untrusted.
Like a lobster shell, security has layers — review code before you run it.
