Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
ScopeBlind Red Team
v0.1.1
Policy benchmarking runner for MCP security policies. Runs attack suites against protect-mcp policy packs, produces signed receipts and badges.
⭐ 0 · 70 · 0 current · 0 all-time
by TJF @tomjwxf
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to run attack suites against protect-mcp policies and the SKILL.md instructs use of @scopeblind/red-team and protect-mcp npm packages, which is coherent with the stated purpose. However the registry-level metadata provided to you earlier lists no required binaries while the SKILL.md declares 'npx' is required — this metadata mismatch is unexplained.
Instruction Scope
Runtime instructions are concise and stay on-task (examples show npx scopeblind-red-team --policy ...). They also include an 'install' line telling the user to run a global npm install. The SKILL.md mentions producing 'signed receipts and badges' but does not explain how signing keys are obtained or where badges/receipts are uploaded, which is vague and could lead to unexpected requests or network activity.
Install Mechanism
There is no platform install spec, but the skill's instructions tell users to run 'npm install -g @scopeblind/red-team@latest protect-mcp@latest'. Installing packages from the public npm registry is a common choice for this tooling but carries the normal risks of executing third‑party package code and modifying the system (global install). This is expected for the stated purpose but requires trusting the npm packages and their maintainers.
Credentials
The SKILL.md declares no required environment variables, yet it promises 'signed receipts' without explaining key management; that suggests missing credential requirements or unclear behavior. Also the earlier provided registry summary omitted the SKILL.md's declared dependency on 'npx' (and implicitly Node/npm), which is an unexplained discrepancy that could cause surprises at runtime.
Persistence & Privilege
The skill is not marked always:true, it is user-invocable, and there is no indication it attempts to persistently modify other skills or global agent configuration. The only persistence-related action in instructions is a recommended global npm install, which is local system modification but not an agent privilege escalation.
What to consider before installing
This skill appears to do what it says (run red-team checks against protect-mcp policies) but exercise caution:
1) The SKILL.md tells you to run a global 'npm install -g' — that will download and execute code from npm, so only proceed if you trust the @scopeblind and protect-mcp packages and their maintainers.
2) Verify you have Node/npm/npx installed (the registry metadata omitted this requirement).
3) Ask or inspect how 'signed receipts' are produced and where badges are sent — if signing requires keys or network uploads, confirm what credentials are needed and whether they will be transmitted externally.
4) Prefer testing in a disposable environment (container or VM) and, if possible, review the npm package source before installing.
If you want, I can fetch the npm package pages and summarize their maintainers, versions, and homepage info to help decide whether to trust them.
Like a lobster shell, security has layers — review code before you run it.
latestvk97a2fk9kgfp37jz3501fybw2d83njvj
