ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Prompt Switchboard Compare Workflows

v1.1.1

Teach an agent to install Prompt Switchboard's local MCP sidecar, connect it in a host, and run a compare-first browser workflow.

0· 116·0 current·0 all-time
byYifeng[Terry] Yu@xiaojiou176
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, and runtime instructions are coherent: the skill teaches wiring a local MCP sidecar, running readiness/compare flows, and uses the documented MCP tool names (bridge_status, check_readiness, compare, etc.). The requested actions align with the stated compare-first browser workflow.
Instruction Scope
SKILL.md only instructs the agent to read included docs, clone a specific GitHub repo, edit local host config snippets, and run the MCP server and MCP tool calls. It does not ask the agent to read unrelated system files or request unrelated credentials, but it does instruct executing local commands (npm install and starting the sidecar) which will run code downloaded from external sources.
!
Install Mechanism
Although the skill itself has no formal install spec, its INSTALL.md tells users/agents to git clone https://github.com/xiaojiou176-open/multi-ai-sidepanel and run npm install and an npm 'mcp:server' script. That implies pulling code from a third‑party repo and npm registry packages and executing them locally — a moderate to high risk operation if the repo or its dependencies are untrusted or malicious. The GitHub host is a standard host (not a shortener or IP) but the repo is an arbitrary third‑party fork and not an official release; reviewers should inspect package.json and the mcp:server script before running.
Credentials
The skill declares no required environment variables, no primary credential, and no config paths beyond user-editable host config snippets. It does not request unrelated cloud credentials or secrets.
Persistence & Privilege
always is false and the package is instruction-only; it does not ask to modify other skills or system-wide agent settings. It expects the host to start a local sidecar process but does not request permanent elevated presence.
What to consider before installing
This package is internally coherent for wiring a local Prompt Switchboard MCP sidecar, but it instructs you to clone and run a third‑party GitHub repo and to run npm install / npm run mcp:server locally. Before installing or running anything: 1) inspect the repository and package.json (especially the 'mcp:server' script) to confirm there are no unexpected postinstall scripts or network exfiltration code; 2) prefer a pinned commit or an official/release tarball from a trusted upstream where possible; 3) run npm install and the server in a sandbox/container or on a non‑privileged account, not as root; 4) review the browser extension being used (Prompt Switchboard) and only enable it if you trust its source; 5) if you need stronger assurance, ask the author for signed releases or a maintainer statement. If the repo proves to be an official, audited upstream or a verified package, this concern would drop and the skill would be much safer.

Like a lobster shell, security has layers — review code before you run it.

browser-extensionvk977efpetpvp5ekapvhf5q7f2h84gzn7compare-firstvk977efpetpvp5ekapvhf5q7f2h84gzn7latestvk977efpetpvp5ekapvhf5q7f2h84gzn7mcpvk977efpetpvp5ekapvhf5q7f2h84gzn7productivityvk977efpetpvp5ekapvhf5q7f2h84gzn7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments