Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Syberz Chatflow Guardian

v1.0.0

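Make sure your conversations never get interrupted! Intelligently monitors conversation state to ensure the user's message is never the last one.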

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
!
Purpose & Capability
The description promises multi-platform conversation monitoring (QQBot, WeCom, Slack, etc.) yet the registry metadata declares no required environment variables or primary credential. Real integrations with those platforms normally require API keys/tokens, so the skill's declared requirements are incomplete/unexplained. Additionally, the package contains substantial source code (src/, scripts/) despite being labelled as instruction-only in some metadata — an inconsistency.
!
Instruction Scope
SKILL.md instructs running npm install and many scripts, and explicitly tells users to run commands and scripts located under /root/.openclaw (deploy-no-cold-chat.sh, manage-no-cold-chat.sh), to enable systemd services, to inspect /root/.openclaw logs, and to run pkill/netstat/ps. These steps go beyond a simple skill sandbox and request system-level operations, file access, and service control that are outside the narrow scope of 'monitoring conversation state'.
Install Mechanism
There is no formal install spec in the registry, but README/SKILL.md direct you to run npm install and included install scripts. The package includes a package-lock.json and normal npm dependencies (node-cron, winston, lodash). package-lock entries reference a third-party mirror (mirrors.tencentyun.com) rather than only official registries — not necessarily malicious but worth verifying. No remote archive downloads or obscure URL installers were found in the provided content.
!
Credentials
The skill claims multi-platform integrations and deep-learning features but declares zero required environment variables/credentials. That is disproportionate: connecting to external platforms normally requires API keys/tokens, and running deep-learning models may require model files or storage access. SKILL.md also references config and log paths (~/.openclaw/config, ~/.openclaw/logs) which gives it access to user-level data but the registry didn't declare these as required config paths.
!
Persistence & Privilege
The skill does not set always:true, but its instructions ask you to create/enable a systemd service and run scripts with sudo and to read/write files under /root/.openclaw and ~/.openclaw. Those actions require elevated privileges and change system-level persistence (services, logs). While not automatically granted by metadata, the runtime instructions encourage high-privilege operations.
What to consider before installing
Do not run the provided install or deployment commands blindly. The package contains executable Node.js code and asks you to run npm install and system-level scripts (systemd enable/start, scripts under /root/.openclaw). Before installing:
1) Inspect src/index.js and other src/*.js for network calls, remote endpoints, hardcoded URLs, or any code that exfiltrates data;
2) Verify where the deploy/manage scripts referenced under /root/.openclaw actually come from — they are outside the repo and could be different on your host;
3) Confirm and provide only the minimal platform credentials required (avoid entering broad tokens as environment variables unless you audited the code);
4) Prefer running first in an isolated environment (container or VM) and run a dependency audit (npm audit) and antivirus/static analysis;
5) If you need to allow systemd/service installation, review those scripts carefully and avoid running sudo commands until you understand what they do.
The main red flags are the mismatch between claimed platform integrations and missing credential declarations, and the instruction-driven request for system-level actions — treat this as potentially risky until source-reviewed.

Like a lobster shell, security has layers — review code before you run it.

latestvk97095r9w2r2cvvw4r9d9vw5sx84r62b
