Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
karakeep-sh
v1.0.3
Karakeep bookmark manager with full native RESTful API support including notes, updates, and deletion.
⭐ 0 · 659 · 1 current · 1 all-time
by Vandee @vandeefeng
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The skill's purpose (Karakeep REST bookmark manager) matches what the script does (calls a user-provided Karakeep API), but the registry metadata declares no required environment variables or primary credential while the script clearly requires KARAKEEP_SERVER_URL and KARAKEEP_API_KEY. That omission is inconsistent with the stated purpose.
Instruction Scope
SKILL.md instructs the agent to require KARAKEEP_SERVER_URL and KARAKEEP_API_KEY and to always ask the user for confirmation before deletes; the script does check the env vars, but the kb-delete function performs the DELETE immediately (no interactive confirmation). Otherwise the SKILL.md operations map closely to script functions and are within the scope of a bookmark client.
Install Mechanism
This is an instruction-only skill with a single shell script and no install spec, so nothing is downloaded or installed automatically. That minimizes install risk.
Credentials
The skill requires a service URL and an API key (a sensitive credential) to operate, but the registry metadata lists no required env vars and no primary credential. Additionally, the script assumes jq and curl are available, but the metadata lists no required binaries. Requiring an API key is proportional to the purpose, but failing to declare it in metadata is a red flag.
Persistence & Privilege
The skill does not request persistent/always-on privileges, does not modify other skills, and runs only when invoked. It executes network calls to the user-provided API endpoint only, which matches its purpose.
What to consider before installing
This skill's code is a straightforward shell client that requires two environment variables (KARAKEEP_SERVER_URL and KARAKEEP_API_KEY) and the jq utility, but the registry metadata does not declare them — that mismatch is the main concern. Before installing: (1) confirm you trust the skill owner (source unknown); (2) do not export your API key globally if you don't trust the skill — consider using a throwaway account or scoped key; (3) inspect the script (it is included) and prefer sourcing it in a constrained shell or running it from an isolated environment; (4) note that SKILL.md asks the agent to confirm before deletes but the kb-delete function issues DELETE immediately — instruct the agent to always prompt the user before running kb-delete; and (5) ask the publisher to update registry metadata to declare required env vars and binaries. If you need stronger assurance, request a signed/source-linked release or run the script in a sandbox first.
Like a lobster shell, security has layers — review code before you run it.
latest vk976bf2bh06nr5g7d290jqt9j182y77n
