Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Oracle
v1.0.0Best practices for using the oracle CLI (prompt + file bundling, engines, sessions, and file attachment patterns).
⭐ 0· 72·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description describe best practices for the oracle CLI and the manifest requires the 'oracle' binary (or installs @steipete/oracle from npm). Requiring a CLI binary (or installing it via a node package) is proportional to the stated purpose.
Instruction Scope
SKILL.md provides runtime instructions that stay on-topic (how to pick files, engines, sessions, attachments). It references behavior that can upload pasted/attached files (browser attachments, remote host upload) and tells users not to attach secrets. It also references environment variables and session paths (OPENAI_API_KEY, ORACLE_HOME_DIR, ~/.oracle/sessions) and a remote serve command that binds to 0.0.0.0. These are expected for this CLI but are operationally significant (potential data upload, exposed service) and should be reviewed by the user.
Install Mechanism
Install is via an npm package (@steipete/oracle) which will create the 'oracle' binary. npm installs are a common and expected mechanism for a JS/Node CLI; they carry the usual moderate registry risk (package-owner trust, supply-chain considerations). There are no direct downloads from arbitrary URLs or extract operations listed.
Credentials
The manifest declares no required env vars, but SKILL.md references OPENAI_API_KEY (to auto-pick API engine) and an override ORACLE_HOME_DIR. Those env vars are not declared in the skill metadata. While the referenced variables are plausible for the tool, the mismatch between declared requirements and instructions means the agent may rely on user-provided credentials or paths that the metadata doesn't advertise — review your environment before running.
Persistence & Privilege
The skill does not request always:true and is user-invocable only. The instructions note session storage under ~/.oracle/sessions, which is limited to the tool's own directory and is reasonable for a CLI that stores sessions. The skill does show how to run a remote server (oracle serve --host 0.0.0.0 --port 9473 --token <secret>) — running that exposes a network service and should be done intentionally and with proper network controls.
Assessment
This skill is largely documentation for the oracle CLI and installs via an npm package. Before installing or running it: 1) Verify the npm package owner (@steipete) and inspect the package contents or source repo if you don't already trust it. 2) Be aware SKILL.md references OPENAI_API_KEY and ORACLE_HOME_DIR even though they aren't declared — if you have these env vars set, the CLI may use them; ensure any API keys you have are appropriate for the intended runs. 3) Never attach secret files; the docs repeat this but the tool can upload attachments in browser mode — only include the minimal files needed and scrub secrets. 4) Avoid running the serve command bound to 0.0.0.0 on an Internet-exposed host; if you must accept remote connections, bind to loopback or place behind a firewall and use strong tokens. 5) Consider installing the CLI in an isolated environment (container or dedicated VM) if you will run it against sensitive repositories. If you want more assurance, provide the package source (repo or npm link) so it can be reviewed for unexpected behavior.Like a lobster shell, security has layers — review code before you run it.
latestvk97e04h0jvc5mpyx49rt604n7d83d1mk
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🧿 Clawdis
Binsoracle
Install
Install oracle (node)
Bins: oracle
npm i -g @steipete/oracle