Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Quick Start

v2.0.0

Quick start templates for OpenClaw agents. Boilerplate code for research bots, content generators, task automation, and more. Jumpstart your development with...

0· 66·0 current·0 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The package is a quick-start templates kit and mostly only needs to write files, which matches the description. However, some template files (research.js) call other scripts under ~/.openclaw (free_search.js and openclaw-memorize/memorize.js). Those external dependencies are not documented in SKILL.md and are not declared anywhere, which is inconsistent with the stated scope.
Instruction Scope
SKILL.md instructs only listing/creating templates. The created template code, however, instructs the runtime to execute local scripts in the user's home directory via child_process.execSync. That expands scope beyond creating templates: if those files exist they will be executed. The SKILL.md does not warn about or document these external executions.
Install Mechanism
No install spec and no external downloads — the skill is instruction-only plus a single start.js that writes template files. This is low-risk from an install-mechanism perspective.
Credentials
The skill declares no required env vars or credentials (which is appropriate). Template code uses process.env.HOME and hardcoded home-paths; that is plausible but implies the code will touch user-home locations. There are no requests for unrelated secrets, but the reliance on hardcoded paths (~/.openclaw/...) is undeclared and could be abused if those locations are populated by third-party or attacker files.
Persistence & Privilege
The skill does not request always:true, does not modify other skills' configs, and only writes files to the user-specified project path. It does reference other skill paths but does not itself request permanent agent presence.
What to consider before installing
This package is a templates generator and will create scripts in whatever project path you supply. Before running any generated scripts, inspect the files created (especially custom/research.js). Note two issues:
(1) research.js uses execSync to run node ~/.openclaw/workspace/custom/free_search.js and ~/.openclaw/skills/openclaw-memorize/memorize.js even though those dependencies are not documented; if attacker-controlled files exist at those paths they would be executed.
(2) The execSync calls interpolate user-provided topics into shell commands (e.g., node ... 'query' or "${topic}"), which is vulnerable to command injection if the topic contains shell metacharacters.
Recommended precautions: (a) only create projects in a safe sandbox or non-sensitive directory; (b) inspect and/or edit generated files before running them; (c) remove or fix execSync usage to spawn with argument arrays or properly escape/sanitize inputs; (d) only run if you trust or have audited any referenced scripts under ~/.openclaw; and (e) consider adding explicit documentation or tests for the external dependencies before using the research template. If you want, I can highlight exact lines to fix for command-injection mitigation or produce a safer variant of the templates.
start.js:52
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

Tags: chinese, latest, template
