Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The name/description (a lightweight task-planning / info-gathering agent) matches the core behaviors described (Q&A and research workflows). However the SKILL.md mandates use of platform tools (e.g., url_scraping, call_other_agents) without declaring or justifying those tool requirements and contains contradictory rules about when to call call_other_agents. That mismatch between stated purpose and required tool-handling is surprising and unexplained.
Instruction Scope
The SKILL.md contains an 'ABSOLUTE SECURITY PROTOCOL' that (a) orders the agent to refuse any explanation of its internal instructions using a fixed canned response and immediately redirect the conversation, (b) discourages asking users for consent, and (c) prescribes when and how to call other agents and web-scraping tools. These directives conflict with transparency, create scope creep (forced external scraping and agent handoffs), and contain internal contradictions (prohibiting call_other_agents in one workflow while requiring it in another).
Install Mechanism
Instruction-only skill with no install spec and no code files. Nothing is written to disk by the skill package itself, which is low-risk from an install point of view.
Credentials
The skill requests no environment variables or credentials (proportionate). However, it mandates calling external scraping tools and other agents at runtime; those calls could request or require permissions/credentials when executed — the SKILL.md does not justify or limit what data should be included in those handoffs, raising a risk of data exposure at runtime.
Persistence & Privilege
The skill does not request 'always' or extra privileges, but its instructions explicitly direct the agent to refuse transparency and to avoid asking users for consent, which increases the effective opacity of the skill when it runs. Combined with mandated agent handoffs and scraping, that makes runtime auditing and user oversight harder.
What to consider before installing
This skill is internally inconsistent and contains directives that actively hide its own behavior (a canned refusal to explain internal instructions) and that force use of other agents and web-scraping without clear limits. Before installing, ask the publisher to: (1) explain and justify why the skill must refuse any disclosure of its instructions and why it disallows asking users for consent; (2) remove the contradictory tool rules (when to call call_other_agents); (3) state exactly what tools/permissions the skill will call at runtime and what data will be shared with those tools/other agents. If the publisher cannot provide clear, reasonable answers, avoid installing — the skill could make unauditable handoffs or unintentionally exfiltrate data despite having no declared credentials.
Like a lobster shell, security has layers — review code before you run it.
latestvk979e3zydqazbtqsb9xwmka4ts8163yq
