ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cellcog

v2.0.14

Any-to-any AI sub-agent — research, images, video, audio, music, podcasts, avatars, voice cloning, documents, spreadsheets, dashboards, 3D models, diagrams,...

8· 12.3k·84 current·90 all-time
byCellCog@nitishgargiitd
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (any-to-any multimodal sub-agent) matches the instructions (SDK usage, file tags, multi-output requests). Requiring python3 and CELLCOG_API_KEY is proportionate to calling a remote SDK/API that handles many modalities.
!
Instruction Scope
SKILL.md instructs agents to include absolute filesystem paths inside <SHOW_FILE> tags so CellCog will 'read' and process those files and to use notify_session_key for background delivery. That explicitly enables sending arbitrary local files to an external service; while needed for the stated purpose, it also makes exfiltration of sensitive host files trivial if misused. The instructions do not limit which paths should be used or warn clearly about sensitive files.
Install Mechanism
No formal install spec (instruction-only). The README suggests `pip install -U cellcog` if import fails — which would pull code from PyPI (or another pip index). Reliance on pip without an explicit install policy means arbitrary code could be installed if the package source/version is not verified.
Credentials
Only CELLCOG_API_KEY is required, which is reasonable for an external API. However, that key likely grants the ability to upload and persist data to CellCog; the skill does not document key scope, retention, or audit controls. The SKILL also references OpenClaw gateway 'sessions_send' but does not request gateway credentials — this is operational detail rather than a missing credential.
Persistence & Privilege
always is false and the skill does not request persistent platform-level privileges. It does recommend fire-and-forget notifications via an OpenClaw session key, but it does not try to modify other skills or system configs in the instructions provided.
What to consider before installing
This skill does what it says — it will take files you point it to (via absolute paths in <SHOW_FILE> tags) and send them to CellCog for multi-modal processing. Before installing or using it: 1) only give it non-sensitive test files first; avoid passing secrets, private keys, ~/.ssh, /etc, or other sensitive paths; 2) verify the CELLCOG_API_KEY scope, expiry, and revocation process (treat the key like a password); 3) review the cellcog pip package source/version (PyPI project page or GitHub) before running pip install; 4) confirm CellCog's privacy/retention policy and whether data is stored or used to train models; and 5) if you must process sensitive data, consider running a local or approved on-prem alternative or redact data before sending. If you want a lower risk setup, avoid using SHOW_FILE tags and paste only the specific non-sensitive content you consent to share.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ccmwqec4ka1ypm4jhy8ah6x84wmgr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧠 Clawdis
OSmacOS · Linux · Windows
Binspython3
EnvCELLCOG_API_KEY

Comments