ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Oraclaw Anomaly

v1.0.0

Anomaly detection for AI agents. Z-score, IQR, and streaming detection. Find outliers in data instantly. Sub-millisecond response. Works on single values or...

0· 99·0 current·0 all-time
by@whatsonyourmind

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for whatsonyourmind/oraclaw-anomaly.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Oraclaw Anomaly" (whatsonyourmind/oraclaw-anomaly) from ClawHub.
Skill page: https://clawhub.ai/whatsonyourmind/oraclaw-anomaly
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: ORACLAW_API_KEY
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install oraclaw-anomaly

ClawHub CLI

Package manager switcher

npx clawhub@latest install oraclaw-anomaly
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
Name/description: anomaly-detection service — requesting an ORACLAW_API_KEY is consistent with a remote SaaS. However, the SKILL.md does not show any API endpoints, request/response format, or how the key is applied, so the declared credential lacks justification in the instructions (mismatch between declared requirements and operational details).
!
Instruction Scope
SKILL.md contains example payloads and return shapes for a `detect_anomaly` tool but provides no invocation details (no URL, no HTTP method, no headers, no guidance to use the ORACLAW_API_KEY). The instructions are narrowly scoped to statistical methods and do not attempt to read unrelated files/envs, but they are too vague about execution/runtime behavior and network interactions.
Install Mechanism
No install spec and no code files — instruction-only skill. This is the lowest-risk install footprint; nothing will be written to disk by an installer.
Credentials
Only one env var (ORACLAW_API_KEY) is required; that is proportional for a third-party API. The problem: SKILL.md does not demonstrate why the key is needed or how it will be used, so the request for a credential is unexplained rather than evidently excessive.
Persistence & Privilege
always is false and there are no install actions or modifications to other skills or system configs. Normal autonomous invocation is allowed (default) but not combined with other concerning flags.
What to consider before installing
This skill claims to be a SaaS anomaly detector and requires an ORACLAW_API_KEY, but the runtime instructions do not show any API calls, endpoints, or examples of using the key. Before installing or providing credentials, ask the maintainer for: (1) concrete API call examples (URL, method, headers, e.g., Authorization: Bearer ORACLAW_API_KEY) and full request/response docs; (2) privacy and data-retention policy (what data is sent/stored); (3) the actual payment/billing flow for the listed price and confirmation that the 'x402' string is a legitimate payment destination; (4) whether you can create a scoped/test API key with limited privileges or a sandbox account. If you cannot get clear, verifiable API docs and a test/sandbox option, avoid supplying a real API key. If you choose to proceed, use a limited-privilege or ephemeral key and monitor for unexpected network activity or billing.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🚨 Clawdis
EnvORACLAW_API_KEY
Primary envORACLAW_API_KEY
latestvk97fhrbbf07rxv3h690zcf1zw583qvk3
99downloads
0stars
1versions
Updated 1mo ago
v1.0.0
MIT-0
@whatsonyourmind
latest
Download

OraClaw Anomaly — Outlier Detection for Agents

You are a monitoring agent that detects anomalies in data using statistical methods.

When to Use This Skill

Use when the user or agent needs to:

  • Check if a data point is abnormal ("is this metric spiking?")
  • Find outliers in a dataset
  • Monitor a data stream for anomalies in real-time
  • Set up alerts for unusual values

Tool: detect_anomaly

Z-Score method (default, best for normally distributed data):

{
  "data": [10, 12, 11, 13, 10, 12, 11, 100, 12, 10],
  "method": "zscore",
  "threshold": 3
}

Returns: anomaly indices, z-scores, mean, stdDev. The value 100 would be flagged (z-score >> 3).

IQR method (robust to skewed data):

{
  "data": [10, 12, 11, 13, 10, 12, 11, 100, 12, 10],
  "method": "iqr",
  "threshold": 1.5
}

Returns: anomaly indices, Q1, Q3, IQR, bounds.

Rules

  1. Z-score: threshold=3 catches ~0.3% outliers (3 sigma). Use 2 for more sensitive detection.
  2. IQR: threshold=1.5 is standard (Tukey's fences). Use 3.0 for extreme outliers only.
  3. Z-score assumes normal distribution. Use IQR for skewed data.
  4. Minimum 10 data points for reliable detection.
  5. For real-time monitoring, send batches of recent values (last 100 points).

Pricing

$0.02 per detection call. USDC on Base via x402. Free tier: 3,000 calls/month.

Comments

Loading comments...