ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Dockerps

v3.0.0

View and manage Docker container processes and stats. Use when monitoring containers. Requires docker.

0· 257·0 current·0 all-time
by@bytesagain1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the implementation: the shipped script runs docker ps, stats, top, logs, inspect and prune. However the registry metadata declared no required binaries while the script needs the docker CLI (and uses python3 for inspect output). This is likely an omission in metadata rather than malicious.
Instruction Scope
SKILL.md instructs the agent to run the included script with limited, Docker-focused commands. The script only interacts with the local docker daemon and writes to ~/.local/share/dockerps. One important behavioral note: the 'cleanup' command runs 'docker container prune -f' and 'docker image prune -f', which are destructive operations that remove stopped containers and unused images.
Install Mechanism
No install spec or remote download is used; the skill is instruction-only with a bundled shell script. Nothing is fetched from external URLs during install, so install risk is low.
Credentials
The skill declares no required environment variables, which is fine. But it implicitly requires the docker CLI and python3 to be present, and it creates/stores data under $HOME/.local/share/dockerps. The omission of docker (and python3) from declared requirements is an inconsistency that should be fixed or acknowledged.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide configs. It only creates a data directory under the user's home; no elevated or persistent system-wide privileges are requested.
Assessment
This skill appears to do what it claims (manage and inspect Docker containers) and includes a single shell script that will be executed. Before installing: (1) confirm you have and trust the source (homepage bytesagain.com) and are comfortable running the bundled script; (2) ensure your environment has docker CLI and python3 available; (3) be aware the 'cleanup' command prunes containers and images (destructive) — avoid automated use of that command unless you intend that behavior; (4) review the script content (it is small and local) for your peace of mind; (5) if you require strict metadata, ask the publisher to declare required binaries (docker, python3) and to document data stored under ~/.local/share/dockerps.

Like a lobster shell, security has layers — review code before you run it.

latestvk978pw9sm0t11hwfb7g5rp597h837b3f

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments