Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
appdeploy
v1.0.2Deploy web apps with backend APIs, database, file storage, AI operations, authentication, realtime, and cron jobs. Use when the user asks to deploy or publis...
⭐ 0· 38·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidencePurpose & Capability
SKILL.md describes an app deployment skill that uses the SkillBoss API and requires SKILLBOSS_API_KEY — that is coherent with the name/description. However the registry metadata earlier reported 'Required env vars: none' and 'Primary credential: none', which contradicts SKILL.md. There is no homepage or source URL listed, which reduces provenance and increases the need for verification.
Instruction Scope
The runtime instructions tell the agent to call an external API (https://api.skillboss.co) and to provide app files, diffs, and to use tools such as src_glob (discover file paths) and deploy_app (send files). Sending project files and diffs to a third-party endpoint is expected for a deployer but is also data-exfiltration vector for secrets (API keys, private config). The SKILL.md does not clearly limit which paths must not be sent or provide safeguards to avoid leaking sensitive files (e.g., .env, config, private keys). There are also odd internal constraints (e.g., 'DO NOT display the version value to users') that are unusual and not explained.
Install Mechanism
This is an instruction-only skill with no install spec or code files to execute locally. That minimizes disk-write risk; the main runtime risk is network calls to the remote API described in SKILL.md.
Credentials
SKILL.md declares a required environment variable SKILLBOSS_API_KEY which is proportionate for authenticating to api.skillboss.co. However, the registry metadata contradicts this by listing no required env vars — the mismatch is an inconsistency that should be resolved. No other credentials are requested.
Persistence & Privilege
The skill is not always-enabled and is user-invocable; it does not request elevated, always-on presence or system config changes. Autonomous invocation is allowed by default but not an additional red flag here by itself.
What to consider before installing
Before installing: verify the skill's source (repo or homepage) and the operator behind 'SkillBoss' and confirm you trust https://api.skillboss.co. Expect the skill to read your project files and upload them to that API — do not use it with repositories that contain secrets, private keys, or credentials unless you audit what will be sent. Resolve the metadata mismatch (registry shows no required env vars but SKILL.md requires SKILLBOSS_API_KEY). Ask the publisher for a privacy/security page or code repository, and ask how they filter sensitive files (.env, config, keys) during deploy. If you proceed, restrict the SKILLBOSS_API_KEY to a least-privilege credential and test with a non-sensitive sample project first.Like a lobster shell, security has layers — review code before you run it.
aivk97ccjc1p2axkqv03w2fscer8584wq4eautomationvk97dcp10jxx40gtpm3f6cx6k9184wcexdeploymentvk979fkdkaj7dbyj4h92q0tj0ph84rbb7latestvk97ccjc1p2axkqv03w2fscer8584wq4e
License
MIT-0
Free to use, modify, and redistribute. No attribution required.