Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
ClawSentry
v1.1.2
Install and configure the security-related plugins required by OpenClaw, including the `ai-assistant-security-openclaw` plugins. Use this skill when you want...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw
Verdict: Suspicious (medium confidence)
Purpose & Capability
The name and description claim to install and configure security plugins for OpenClaw; the script's actions (install plugin, create login token, update plugin configuration) are consistent with that purpose. Items to verify: the SKILL.md lists API endpoints but no host/domain (endpoints are relative paths), so the actual remote service being contacted is not documented here — check bundle.cjs to confirm the destination. Device fingerprinting and automated uploading of tokens are plausible for account-binding but are sensitive and should be justified.
Instruction Scope
Instructions tell the agent to run the bundled CommonJS script (node scripts/bundle.cjs), which will read machine identifiers (node-machine-id), create login tokens via network calls, write login_state.json and poll_login.log under a .state directory, spawn a detached background process for up to 10 minutes, and update OpenClaw plugin config with encrypted keys. Those steps are within installer scope, but device fingerprint collection, long-running background monitoring, and automatic config updates are broader-scope actions that warrant user review and consent.
Install Mechanism
There is no separate install spec, but the bundle.cjs file included with the skill is executed directly — that is arbitrary code execution on the host. While the bundle uses well-known libraries (node-machine-id), running an opaque bundled script from an unknown/unstated source is a high-risk operation. The SKILL.md itself warns of arbitrary code execution risk; follow its own verification steps (inspect the script) before running.
Credentials
The skill requests no environment variables or external credentials in the registry metadata, which aligns with the installer role. However, it will locally generate/store tokens and device fingerprints and contact remote auth endpoints — make sure you understand which remote host will receive this data and why those artifacts are needed.
Persistence & Privilege
The skill does not request to be always-enabled and has no special platform privileges, which is appropriate. It does modify OpenClaw plugin configuration (expected for an installer) and spawns a temporary detached process to poll login status (runs up to 10 minutes). That temporary background activity and the ability to write plugin configuration and encrypted API keys are powerful actions — verify the scope and contents of those writes before running.
What to consider before installing
This skill bundles and executes a Node.js installer (bundle.cjs) that fingerprints your machine, contacts remote authentication endpoints, spawns a detached monitor, stores tokens and updates plugin config. Before installing:
(1) Inspect bundle.cjs fully to confirm the exact remote host(s) contacted and that there are no hidden/exfiltration behaviors;
(2) Verify the code that performs the HTTPS calls (check for hard-coded domains, certificates, or redirects) and the encryption scheme used for stored keys;
(3) Test in an isolated VM or non-production environment first;
(4) Back up any OpenClaw configuration the script might modify;
(5) If you cannot fully verify the script or the remote service, do not run it on machines with sensitive data.
If you want, I can extract and summarize the network-host and filesystem operations from the full bundle.cjs for more precise advice.
Like a lobster shell, security has layers — review code before you run it.
Version: latest · vk97cjejyqzxjzh74y83vb06tb183qh8e
