Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Dragnet

v1.0.0

Generate a verified Dragnet marketplace profile. Scans your OpenClaw workspace — SOUL.md, AGENTS.md, USER.md, MEMORY.md, conversation exports, installed skil...

0 · 27 · 0 current · 0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Pending (View report →)

OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill's declared purpose (generate and sign a Dragnet profile) matches the provided instructions and the included signing script. However, the signing script embeds a hard-coded HMAC key (KEY = "dn-validation-key-alpha-2025"), which is unexpected: a marketplace verification key should not normally be distributed inside a skill. This raises questions about whether the key is a test key, a shared secret that the marketplace expects, or an attempt to enable forging of verified profiles.
Instruction Scope (flagged)
The SKILL.md instructs the agent to scan many workspace artifacts (SOUL.md, AGENTS.md, USER.md, MEMORY.md, memory/*.md, conversation exports, installed skills). Those sources can contain personal data, private conversation content, or secrets. While the doc states 'Never include raw personal data, API keys, secrets,' it leaves filtering to the agent and provides no concrete sanitization rules or automated redaction, which is a privacy risk and scope creep relative to a simple profile generator.
Install Mechanism
This is an instruction-only skill with one included script; there is no external install, no downloads, and no packages pulled from remote URLs. That minimizes installation risk.
Credentials (flagged)
The skill declares no required environment variables or external credentials, but the signer script contains a hard-coded secret HMAC key. Embedding a verification key in the code is disproportionate and suspicious: either the skill exposes Dragnet's secret (bad) or it uses an arbitrary key that may let anyone produce signatures accepted by the marketplace (also bad). Also, the skill reads many local files which can expose sensitive user data if not carefully filtered.
Persistence & Privilege
The skill is not always-enabled and does not request special persistent privileges or modify other skills or global agent config. Autonomous invocation is allowed by platform defaults but is not combined with other elevated privileges in this package.
What to consider before installing
Do not install or use this skill until you confirm two things with the author or marketplace: (1) where the hard-coded key comes from and whether Dragnet actually accepts signatures produced with that key — embedding a verification key in a public skill is a red flag and could allow forged 'verified' profiles; (2) how the skill prevents leaking personal data when it scans conversation exports and memory files. If you plan to use it, inspect the generated unsigned JSON before signing, and prefer a signing workflow that (a) asks you to provide your own secret via an environment variable or (b) uses a proper public-key signature (private key kept secret by the signer). Avoid uploading any profile that may contain raw personal data or API keys. If you need further help, ask the author to remove the hard-coded KEY and to add explicit sanitization steps and a clear explanation of the trust model for Dragnet verification.


Latest version: vk971m4a2gbw9y20xnapa71gkgx842feq

