Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Lobster Search First

v1.0.1

Research-before-coding workflow. Search for existing tools, libraries, and patterns before writing custom code. Invokes the researcher agent.

MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
Name and description match the instructions: the skill guides an agent to search package registries, MCP servers, GitHub, and local repos/skills to decide whether to adopt/extend/build. The requested actions (search, evaluate, decide) are coherent with a 'search-first' workflow.
Instruction Scope
The SKILL.md explicitly instructs the agent to read local files (e.g., run ripgrep through the repo, check ~/.claude/settings.json and ~/.claude/skills/) and to invoke a researcher subagent that searches external services. Those file reads are broader than the access the skill's declared metadata exposes (no config paths are declared). This gives the agent access to repository source and user-specific configuration, either of which may contain secrets or sensitive context, and the documentation neither describes nor justifies that scope.
Install Mechanism
There is no install spec and no code files — instruction-only skills are lowest-risk in terms of arbitrary code being written to disk. Nothing is downloaded or installed by the skill itself.
Credentials
The skill declares no required environment variables or credentials, which aligns with its description. However, the runtime instructions reference local config paths (~/.claude/*) and advise running repo searches; while this can be reasonable for a researcher workflow, the skill metadata does not declare those config paths, so users won't be warned in advance about local file access.
Persistence & Privilege
The always flag is false, and the skill has no install actions that would persist on disk or modify other skills. Autonomous invocation (disable-model-invocation is false) is normal for skills of this type; nothing here requires elevated or permanent platform privileges.
What to consider before installing
This skill is mostly coherent with its stated purpose, but it instructs the agent to read your repository and specific user config files (~/.claude/settings.json and ~/.claude/skills/) even though the package metadata doesn't declare those paths. Before installing:
1) Decide whether you're comfortable granting the agent read access to your codebase and personal Claude config.
2) If you want to limit access, run the skill only in a sandboxed environment or with read-limited credentials.
3) Verify that the researcher subagent's external searches (npm, PyPI, GitHub, MCP servers) are acceptable under your data-sharing and privacy policy.
4) If you need stronger guarantees, ask the skill author to declare the required config paths explicitly in the metadata and/or to add an option to disable local-file checks.
If ~/.claude or your repo holds sensitive information, treat this skill as potentially privacy-impacting and review it before enabling autonomous use.
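The Instruction Scope finding above boils down to one mechanical check: does the SKILL.md body reference filesystem paths that its frontmatter never declares, and are any of those paths the kind that hold configuration or secrets? The script below performs that check. It is an added example, not ClawHub's scanner and not code from the skill author. The SKILL.md it scans is constructed from the scan's description of this skill; the frontmatter keys always and disable-model-invocation are the ones the scan text mentions, while paths is an assumed name for a declared-access field, and the frontmatter format (flat key: value lines with optional [a, b] lists) is an assumption rather than ClawHub's specification.

```python
"""Flag filesystem paths a SKILL.md body references but its frontmatter does not declare.

Added example; not ClawHub's scanner. Frontmatter layout and the `paths` key are assumptions.
"""
import re

# Constructed SKILL.md modelled on the scan's description of this skill.
# `always` and `disable-model-invocation` are named in the scan text; `paths` is assumed.
SAMPLE_SKILL_MD = """---
name: lobster-search-first
version: 1.0.1
always: false
disable-model-invocation: false
paths: []
---
# Search First

Before writing code, run ripgrep across the repo for existing helpers.
Check ~/.claude/settings.json for configured MCP servers, then look in
~/.claude/skills/ for skills that already cover the task. Invoke the
researcher subagent to search npm, PyPI, GitHub and MCP server registries.
"""

FRONTMATTER_RE = re.compile(r"\A---\r?\n(.*?)\r?\n---\r?\n(.*)\Z", re.S)
# Home-relative paths plus common absolute roots; a match ends at whitespace or quotes.
PATH_RE = re.compile(
    r"(?<![\w./])(?:~|\$HOME|/(?:etc|home|root|var|usr|opt|tmp))(?:/[\w.\-]+)*/?"
)
# Substrings that usually mark configuration or credential material.
SENSITIVE_HINTS = ("settings", "config", "credential", "token", "secret",
                   ".env", ".ssh", ".aws", ".netrc", ".npmrc")


def split_skill(text):
    """Return (frontmatter dict, markdown body). Flat `key: value` only;
    a `[a, b]` value becomes a list. Assumed format, not ClawHub's spec."""
    m = FRONTMATTER_RE.match(text)
    if not m:
        return {}, text
    meta = {}
    for line in m.group(1).splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue
        value = value.strip()
        if value.startswith("[") and value.endswith("]"):
            value = [v.strip().strip("'\"") for v in value[1:-1].split(",") if v.strip()]
        meta[key.strip()] = value
    return meta, m.group(2)


def referenced_paths(body):
    """Unique paths mentioned in the instructions, trailing punctuation removed."""
    return sorted({p.rstrip(".,;:)") for p in PATH_RE.findall(body)})


def covers(declared, path):
    """A declared directory covers itself and everything beneath it."""
    d = declared.rstrip("/")
    return path.rstrip("/") == d or path.startswith(d + "/")


def is_sensitive(path):
    p = path.lower()
    return any(h in p for h in SENSITIVE_HINTS)


def undeclared_access(skill_md):
    """Findings for body paths not covered by the frontmatter `paths` list."""
    meta, body = split_skill(skill_md)
    declared = meta.get("paths", [])
    if isinstance(declared, str):
        declared = [declared] if declared else []
    # False means the model may invoke the skill without a human approving each run.
    autonomous = str(meta.get("disable-model-invocation", "false")).lower() == "false"
    findings = []
    for path in referenced_paths(body):
        if any(covers(d, path) for d in declared):
            continue
        findings.append({"path": path, "sensitive": is_sensitive(path),
                         "autonomous": autonomous})
    return findings


def verdict(findings):
    """Undeclared, sensitive and autonomously reachable is the combination that matters."""
    if not findings:
        return "benign"
    if any(f["sensitive"] and f["autonomous"] for f in findings):
        return "suspicious"
    return "review"


if __name__ == "__main__":
    report = undeclared_access(SAMPLE_SKILL_MD)
    for f in report:
        print(f"{'SENSITIVE ' if f['sensitive'] else ''}undeclared read: {f['path']}")
    print("verdict:", verdict(report))
```

Run against the constructed sample it reports both ~/.claude paths as undeclared, marks settings.json as sensitive, and returns "suspicious"; declaring paths: ['~/.claude/'] in the frontmatter clears both findings, which is exactly the remedy item 4 above asks the author for. The path regex is deliberately narrow (home-relative paths and a few absolute roots), so it will miss paths spelled as environment variables other than $HOME or built at runtime; treat it as a first pass, not proof of a clean skill.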

Like a lobster shell, security has layers — review code before you run it.

latest: vk97ecwpnjchtsa6vqathnjf9qs8471m5
