ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Raspberry Pi Manager

v2.0.1

Manage Raspberry Pi devices — GPIO control, system monitoring (CPU/temp/memory), service management, sensor data reading.

0· 360·0 current·0 all-time
by@bytesagain1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Pi management: GPIO, monitoring, service/sensor logging) align with the shipped script and SKILL.md. The script implements logging, search, export, stats and status features described. No unrelated services, cloud APIs, or unexpected binaries are requested.
Instruction Scope
SKILL.md instructs local bash usage and the provided script implements the commands. All file reads/writes are limited to the declared local data directory (~/.local/share/raspberry-pi-manager). The instructions do not request collecting system-wide secrets or contacting external endpoints.
Install Mechanism
No install spec is provided (instruction-only), but a runnable script is included. This is low risk — nothing is downloaded at install time — but users should be aware the packaged script is expected to be executed locally.
Credentials
No environment variables, credentials, or config paths are required. The script uses standard Unix utilities (date, wc, du, head, tail, grep, basename, cat) which is consistent with declared requirements.
Persistence & Privilege
The skill does not request always: true and does not modify other skills or system-wide settings. It persists only to a user-local directory and requires no root privileges.
Assessment
This skill appears coherent and runs entirely locally, storing logs under ~/.local/share/raspberry-pi-manager. Recommended precautions before installing: (1) review the included scripts (scripts/script.sh) yourself — the package is executed locally; (2) note that logs may contain sensitive operational data (SSH hosts, IPs, filenames) so restrict file permissions and back up or purge as needed; (3) because there is no install step, ensure the execution context (agent or user) is trusted before running the script; (4) if you expect networked device control (GPIO toggles, remote commands) confirm those features are actually implemented — this package is primarily a local logging/audit tool, not a remote management agent.

Like a lobster shell, security has layers — review code before you run it.

chinesevk978cwdrvk8wkkk36httzjsgg982q3h8latestvk972qfgbbqszq2pzmk0jj7yen9834dwfproductivityvk978cwdrvk8wkkk36httzjsgg982q3h8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments