ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Vnstock Environment Setup for Python Vibe Coding

v1.0.0

Comprehensive environment diagnostic, setup, and agent guide installation for the Vnstock ecosystem (Free or Sponsored). Validates OS, Python, venv, and perf...

0· 99·0 current·0 all-time
by@thinh-vu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, SKILL.md, and the two Python scripts are generally consistent: diagnostics, venv guidance, and installing an Agent Guide. However, the skill instructs use of an API key in command lines (not declared in requires.env) and relies on external URLs (vnstocks.com) to fetch requirements/installer — these are reasonable for a vendor-specific installer but should have been declared by the skill as expected credentials/endpoints.
!
Instruction Scope
Runtime instructions tell the agent to run diagnostics and to install/update an Agent Guide by cloning a GitHub repo and copying/overwriting files in the user's workspace (docs/, .agents/skills/*). The SKILL.md mandates asking permission before overwriting docs/, and the script enforces a --confirm-docs-overwrite flag, but the process still overwrites files and replaces skills in .agents/skills (it will remove existing skill directories). The instructions also recommend piping remote installer scripts into bash and passing API keys on the command line — both increase risk of accidental credential exposure or arbitrary code execution.
!
Install Mechanism
There is no platform install spec (instruction-only) but the included scripts perform network installs: git installer from a GitHub release (expected), git clone from github.com (expected), and pip installs / wget|curl from https://vnstocks.com (unknown third-party domain). The curl/wget piped to bash pattern is high risk because it executes remotely-fetched code without local inspection. Pip installs directly from a remote requirements.txt also pulls arbitrary packages from that host or package indexes reachable from it.
!
Credentials
The skill declares no required environment variables or credentials but the instructions and examples show an API_KEY being passed to the sponsor installer (not declared). The scripts read common environment markers like VIRTUAL_ENV/CONDA_PREFIX (reasonable), but they also modify workspace state: initialize git, create commits, remove and replace skill directories under .agents/skills, and overwrite docs/. Modifying other skills' directories and making commits is a significant privilege that goes beyond a simple diagnostic helper.
!
Persistence & Privilege
always:false (good), but the scripts autonomously modify repository state (git init/commit/config), can run privileged package manager commands (sudo apt-get) and will overwrite docs/ and .agents/skills directories. Although not claiming permanent platform privileges, the skill's behavior is intrusive and can replace other skills and documentation in the workspace — this increases blast radius if invoked by an agent without tight user approval.
What to consider before installing
This skill appears to do what it claims (diagnose environment and install an Agent Guide) but it is intrusive and includes higher-risk operations. Before running it, consider these precautions: - Inspect remote resources first: manually open https://vnstocks.com/files/requirements.txt and the installer script rather than piping curl/wget into bash. Prefer downloading and reviewing files before execution. - Avoid passing secrets on the command line (the example --api-key "API_KEY" will appear in process lists). Use a secure credential mechanism if required and ask the installer vendor for a safer method. - Back up your repository and .agents/skills and docs/ before running the script (the script can delete and replace these directories). The setup script will attempt git commits, but you should create an independent backup. - Verify the GitHub repo (https://github.com/vnstock-hq/vnstock-agent-guide.git) contents yourself to ensure it is legitimate and review what will be copied into your workspace. - Prefer running the diagnostic script only (scripts/diagnostics.py) first in an isolated environment (container or temp clone) to see results without modifying files. - Be cautious if you allow an autonomous agent to invoke this skill: it can run sudo, install packages, overwrite files, and replace other skills. Only grant autonomous use if you fully trust the skill source. If you want, I can: (1) fetch and show the contents of the remote requirements/installer (if you provide permission), (2) suggest a safer sequence of manual commands to apply, or (3) run a dry-run checklist to identify exactly what would be overwritten and what network calls would be made.

Like a lobster shell, security has layers — review code before you run it.

latestvk976h7bh2z27prjc8rxqvgsmkx832xrf

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments