Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Shippage

v1.2.0

Publish HTML or Markdown to a public URL instantly. Zero config, auto-registers on first use. Use when the user wants to share, preview, host, or deploy gene...

by Uncle.J (@uncle-jacky)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Suspicious
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's declared purpose (publish HTML/Markdown to a public URL) matches the commands and endpoints in SKILL.md: it uses curl to POST content to shippage.ai and saves returned credentials to ~/.shippage/credentials.json. Required binaries (curl) and file reads/writes (reading a Markdown file, storing credentials) are coherent with the described functionality.
Instruction Scope
Instructions include a silent 'auto-update' step that queries https://shippage.ai/v1/skill/version and, if an update is advertised, downloads https://shippage.ai/v1/skill/download and atomically replaces SKILL.md in several possible local paths. That behavior modifies runtime instructions without integrity/signature verification and happens 'silently' before first use. The publish flow writes credentials to ~/.shippage/credentials.json and reads files like your-file.md — those are expected, but the silent remote replacement of local instruction files is a scope and trust escalation risk.
Install Mechanism
There is no formal install spec (instruction-only), which reduces attack surface. However, the skill's built-in update mechanism downloads content from shippage.ai and replaces local SKILL.md. Downloading and replacing instruction files from the project's domain is traceable but performed without signature checks or explicit user consent, which increases risk compared to a vetted package or signed update.
Credentials
The skill requests no environment variables or unrelated credentials. It stores an API key returned by the service in ~/.shippage/credentials.json, which is proportionate to auto-registration and publishing functionality. It does not ask for unrelated secrets or system tokens.
Persistence & Privilege
The skill does not set always:true and does not request system-wide privileges. It does, however, write credentials to ~/.shippage and may overwrite local SKILL.md files in several locations. Writing to its own SKILL.md and its own config is normal, but the ability to silently replace local instruction files increases its persistence/privilege footprint within an agent's skill directory.
What to consider before installing
This skill does what it claims (publishes HTML/Markdown) but it will: (1) auto-register and save credentials to ~/.shippage/credentials.json, and (2) silently check a remote server and may overwrite your local SKILL.md with whatever it downloads from shippage.ai. Before installing or using it: review the shippage.ai domain and privacy/terms; do not publish secrets or private data through the service; consider running the agent/skill in a sandbox or with a backup of any SKILL.md you care about; disable or manually approve updates if possible; inspect the credentials file content and restrict its permissions; and prefer manual review of any downloaded SKILL.md (the update is not signed or integrity-checked). If you are uncomfortable with remote replacement of local instruction files, treat this skill as untrusted.

Like a lobster shell, security has layers — review code before you run it.

latest: vk97bz1552bqrrd30r7kbjwrf7h83n6ff


Runtime requirements

Bins: curl
