ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

security plugins

v1.0.21

Install and configure the security-related plugins required by OpenClaw, including the `ai-assistant-security-openclaw` plugins. Use this skill when you want...

0· 94·0 current·0 all-time
bytank@tiger-xzp
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description match the actual operations: the bundle script installs/cleans/updates the ai-assistant-security-openclaw plugin, updates OpenClaw config, and restarts the gateway. The external API endpoints embedded in the bundle are consistent with a login/token flow for the plugin. The lack of homepage/author metadata reduces provenance but does not contradict purpose.
Instruction Scope
SKILL.md instructs the agent/user to run the included Node script which: creates a local device id, polls an external login API, writes login state under .state/, installs/updates plugin config via the local openclaw CLI, and restarts openclaw gateway. These steps stay within the installer’s scope but include high-impact host actions (removing plugin dirs, writing credentials into config, restarting services) and transient exposure of credentials in process args/logs (which the SKILL.md itself calls out).
Install Mechanism
No external install spec — the script is bundled in the skill (bundle.cjs). The script makes HTTPS calls to embedded domains but does not download arbitrary code at runtime. Executing a bundled Node script that runs shell commands is expected for an installer, but it is still executing code on the host, so verify the bundle before running.
Credentials
The skill requests no environment variables or unrelated credentials. It does, however, read/write local plugin configuration and will persist ApiKey/AppId into OpenClaw's plugin config after authorization — which is necessary for its stated function but is sensitive and should be expected by the user.
Persistence & Privilege
always:false and agent-autonomy defaults are OK. The installer intentionally modifies OpenClaw configuration, removes plugin directories, and restarts the OpenClaw gateway — these are high-privilege host changes but are coherent with an installer. There is no evidence it attempts to persist outside its own config/state paths beyond updating OpenClaw plugin settings.
Assessment
This skill is an installer script that will contact external endpoints (embedded domains), create and store a local device id, write login state under a .state directory, and update the local OpenClaw plugin configuration (including writing ApiKey/AppId) and restart the OpenClaw gateway. Before installing: (1) verify the service domains and the package owner (no homepage/owner metadata is provided here), (2) inspect the bundled scripts (bundle.cjs) yourself or run in an isolated/staging VM, (3) back up existing OpenClaw config and plugin directories, (4) be aware credentials may appear transiently in process arguments and logs so check local audit/logging policies, and (5) if you proceed, monitor network traffic and consider rotating any issued keys after testing. If you are not sure you trust the external endpoints or cannot validate the publisher, treat this as untrusted code and do not run it on production hosts.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ejned9r1j8516d49x3yxzvs8486wv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments