Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

redmine-tools

v1.0.0

Fetch, update, and summarize Redmine issue attachments from CLI.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name and description match the code: it fetches/updates Redmine issues and summarizes image attachments via an OpenAI-compatible API. However, the registry metadata claims no required environment variables or binaries while SKILL.md and the script clearly require REDMINE_* and OPENAI_* env vars and a Node runtime. That mismatch is unexpected and should be corrected.
Instruction Scope
The SKILL.md and script instruct the agent to: read REDMINE_BASE_URL and REDMINE_API_KEY from environment, download issue attachments from Redmine, convert images to data URLs, and POST them (with accompanying prompt/context) to the OPENAI_API_URL. This behavior is coherent with image summarization but it also means potentially sensitive attachments are transmitted to an external model endpoint — a clear exfiltration risk if the endpoint is untrusted. The instructions do not reference unrelated system files, so no other scope creep was found.
Install Mechanism
No install spec is provided (lowest install risk). However, the skill includes a Node.js script and expects it to be run via 'node scripts/redmine.js'. The registry's 'required binaries: none' is inconsistent with that expectation — Node.js must be available on PATH for the script to run.
Credentials
The SKILL.md requires REDMINE_BASE_URL, REDMINE_API_KEY, OPENAI_API_URL, OPENAI_API_KEY, OPENAI_MODEL and OPENAI_IMAGE_SUMMARY_PROMPT. These are proportionate to the stated functionality. However, the registry metadata does not declare these required environment variables or a primary credential, which is a mismatch. Also, because the skill sends full image attachments (as base64 data URLs) to the OpenAI-compatible endpoint, whoever operates OPENAI_API_URL (authenticated with OPENAI_API_KEY) receives potentially sensitive data; users should ensure the model endpoint is trusted and that REDMINE_API_KEY has minimal privileges.
Persistence & Privilege
The skill does not request permanent presence (always:false) and does not modify other skills or system-wide settings. It requires no special persistent privileges beyond the runtime env vars and executing the script with the Node runtime.
What to consider before installing
Before installing or running this skill:
- Expect to provide REDMINE_BASE_URL and REDMINE_API_KEY and OpenAI-compatible credentials; the registry metadata currently omits these — ask the publisher to correct that.
- Node.js must be available to run scripts/redmine.js.
- Understand that the 'image' command downloads attachments from Redmine and sends the full image (base64 data URL) to whatever OPENAI_API_URL you configure; only point this to a trusted model endpoint. If attachments may contain confidential data, do not send them to external/third-party services.
- Verify the source code (no homepage/source provided) or run it in an isolated environment before using with production credentials.
- Prefer using least-privilege API keys for Redmine and, if possible, an internal model endpoint or one with appropriate data-handling guarantees.
If the publisher can correct the metadata (declare required env vars and the Node requirement) and provide a trustworthy source/homepage, that will reduce the ambiguity.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
- scripts/redmine.js:395 — Environment variable access combined with network send.
