hello-example

v1.0.0

A minimal example skill demonstrating .clawhubignore — the secret.md file should NOT appear in the published version.

by Shiwen Han (@tshogx)

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill's stated purpose is to demonstrate that .clawhubignore excluded secret.md, yet the published package contains secret.md (and its contents are reproduced in SKILL.md). That contradicts the stated purpose and suggests either that the ignore mechanism failed or that the author accidentally published a secret file.
Instruction Scope
SKILL.md only instructs the agent to check whether secret.md is present, which is reasonable for a test. However, SKILL.md also includes the full contents of secret.md in the 'File contents' section, effectively publishing the secret. The instructions do not direct network exfiltration or other actions, but they do disclose sensitive-looking data in the package itself.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing is written to disk or installed at runtime by the skill itself.
Credentials
The skill declares no required environment variables (which is appropriate), but the package includes a file that contains an api_key and a local vault_path. Publishing such credentials (even if fake) is disproportionate and risky because real secrets might be exposed the same way.
Persistence & Privilege
The skill does not request persistent or elevated privileges (always:false, no config paths, no installs). It is not asking to modify other skills or system settings.
What to consider before installing
This package is suspicious because it claims secret.md should have been excluded yet the published bundle contains that file and its contents. Although the included api_key and path look fake, treat this as a data-leak risk. Before installing: (1) do not run or grant credentials to the skill; (2) inspect the files yourself and remove secret.md if you publish or install locally; (3) ask the author to republish without secret.md and to confirm the values are not real; (4) avoid installing into environments where the exposed vault_path or keys might overlap with your real secrets. If the author removes secret.md (or confirms the content is demonstrably dummy and safe), this would reduce concern.
