Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
v2.3.1 · Smart skill installation advisor for ClawHub. Searches for skills matching your needs, evaluates candidates on security (via skill-shield), code quality, and...
⭐ 0 · 840 · 1 current · 1 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
SKILL.md and scripts/evaluate.py implement a ClawHub search/install + skill-shield scan + quality-scoring pipeline, which matches the name and description. However, the top-level metadata claims 'zero external dependencies' and lists no required binaries or env vars, while the README and script clearly require the 'clawhub' CLI and access to a skill-shield scanner (or the SKILL_SHIELD_SCANNER env var). This mismatch is incoherent and should be clarified.
Instruction Scope
The runtime instructions and evaluate.py stay within the advertised scope: they search ClawHub, install candidate skills into a working directory, run a security scanner, inspect files to measure quality, and produce reports. That said, installing arbitrary skills (even into a temporary workdir) and scanning them means code from untrusted packages can execute on your machine (via the clawhub install process and any install hooks those skills contain). That behavior is expected for this tool, but it is an important security consideration.
Install Mechanism
There is no install spec (instruction-only). The package includes a Python script you run manually; nothing in the skill metadata writes installers or downloads code at install time. The script itself will download and install candidate skills using the external 'clawhub' tool when you run it, which is expected for the stated purpose.
Credentials
The skill metadata declares no required env vars, but evaluate.py checks SKILL_SHIELD_SCANNER, and SKILL.md requires an authenticated clawhub CLI and access to skill-shield's scan.py. The script also probes user home paths for a local copy of the scanner. These environment and credential requirements are reasonable for the tool's function, but the metadata omission is misleading and should be corrected.
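The Purpose & Capability and Credentials findings come down to one check: does the metadata declare what the script actually needs? The following is an added example of performing that check mechanically; it is not code from this skill, from ClawHub or from the scanner. It assumes (hypothetically) that SKILL.md declares requirements on a frontmatter line of the form `metadata: {"openclaw": {"requires": {"bins": [...], "env": [...]}}}`, and it inspects the accompanying Python script with the `ast` module for environment-variable reads and subprocess invocations of external binaries. The SKILL.md and script below are constructed samples modelled on the listing, not the skill's real files.

```python
"""Compare a skill's declared requirements with what its script actually uses.

Added example, not code from the ClawHub skill or the scanner. The frontmatter
layout (a `metadata:` line carrying JSON with openclaw.requires.bins/env) is an
assumption; the sample SKILL.md and script at the bottom are constructed.
"""
import ast
import json
import os

# Ambient variables every process sees; reading them is not a dependency worth declaring.
AMBIENT_ENV = {"HOME", "PATH", "USER", "TMPDIR"}
SUBPROCESS_FUNCS = {"run", "call", "check_call", "check_output", "Popen"}


def declared_requirements(skill_md: str) -> dict:
    """Parse required bins/env from the frontmatter (assumed layout, see module docstring)."""
    lines = skill_md.splitlines()
    bins, env = set(), set()
    if lines and lines[0].strip() == "---":
        for line in lines[1:]:
            if line.strip() == "---":
                break
            if line.startswith("metadata:"):
                meta = json.loads(line[len("metadata:"):])
                req = meta.get("openclaw", {}).get("requires", {})
                bins.update(req.get("bins", []))
                env.update(req.get("env", []))
    return {"bins": bins, "env": env}


def _is_attr(node, base: str, attr: str) -> bool:
    """True for an expression of the form `base.attr`, e.g. os.environ."""
    return (isinstance(node, ast.Attribute) and node.attr == attr
            and isinstance(node.value, ast.Name) and node.value.id == base)


def _const_str(node):
    """Return the string value of a literal node, else None."""
    if type(node).__name__ == "Index":  # Python 3.8 wraps subscript keys in ast.Index
        node = node.value
    return node.value if isinstance(node, ast.Constant) and isinstance(node.value, str) else None


def actual_requirements(script_src: str) -> dict:
    """Collect env vars read and binaries executed by the script, from its source text."""
    bins, env = set(), set()
    for node in ast.walk(ast.parse(script_src)):
        # os.environ["X"]
        if isinstance(node, ast.Subscript) and _is_attr(node.value, "os", "environ"):
            key = _const_str(node.slice)
            if key:
                env.add(key)
        elif isinstance(node, ast.Call):
            f = node.func
            first = node.args[0] if node.args else None
            # os.getenv("X") and os.environ.get("X")
            if _is_attr(f, "os", "getenv") or (
                    isinstance(f, ast.Attribute) and f.attr == "get"
                    and _is_attr(f.value, "os", "environ")):
                key = _const_str(first)
                if key:
                    env.add(key)
            # subprocess.run(["clawhub", ...]) or subprocess.run("clawhub ...", shell=True)
            elif (isinstance(f, ast.Attribute) and f.attr in SUBPROCESS_FUNCS
                  and isinstance(f.value, ast.Name) and f.value.id == "subprocess"):
                if isinstance(first, ast.List) and first.elts:
                    cmd = _const_str(first.elts[0])
                else:
                    text = _const_str(first)
                    cmd = text.split()[0] if text and text.split() else None
                if cmd:
                    bins.add(os.path.basename(cmd))
    return {"bins": bins, "env": env}


def metadata_gaps(declared: dict, actual: dict) -> dict:
    """Dependencies the code uses but the metadata does not declare."""
    return {
        "undeclared_bins": sorted(actual["bins"] - declared["bins"]),
        "undeclared_env": sorted(actual["env"] - declared["env"] - AMBIENT_ENV),
    }


# Constructed samples modelled on the listing above, not the skill's real files.
SAMPLE_SKILL_MD = """---
name: skill-advisor
description: Smart skill installation advisor for ClawHub.
metadata: {"openclaw": {"requires": {"bins": [], "env": []}}}
---
# Usage
python scripts/evaluate.py --workdir /tmp/advisor --top 1
"""

SAMPLE_SCRIPT = '''
import os, subprocess, sys
home = os.environ["HOME"]
scanner = os.environ.get("SKILL_SHIELD_SCANNER") or os.path.join(home, "skill-shield", "scan.py")
subprocess.run(["clawhub", "search", "advisor"], check=True)
subprocess.check_output([sys.executable, scanner, "candidate/"])
'''

if __name__ == "__main__":
    gaps = metadata_gaps(declared_requirements(SAMPLE_SKILL_MD), actual_requirements(SAMPLE_SCRIPT))
    for kind, names in gaps.items():
        print(f"{kind}: {', '.join(names) or 'none'}")
```

On the constructed sample this reports `clawhub` as an undeclared binary and `SKILL_SHIELD_SCANNER` as an undeclared env var, which is exactly the contradiction the scan describes. The check is deliberately static: it never executes the script, so it can be run on a package before deciding whether to install it, and a binary referenced through a variable rather than a string literal (as the scanner path is here) is simply not reported rather than guessed at.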
Persistence & Privilege
The skill is not marked always:true and does not attempt to modify other skills or global agent configuration. It writes to and cleans up a working directory and can uninstall candidate dirs. No persistent privileged presence is requested by the skill itself.
What to consider before installing
This skill is an advisor that will use your clawhub CLI to install and inspect other skills and will run a local skill-shield scanner. That is consistent with its purpose, but:
1. Clarify the metadata mismatch: it DOES need clawhub and a scanner even though the metadata claims 'zero external dependencies'.
2. Only run it in a disposable or isolated workspace (use --workdir pointing at a temp directory or container), because 'clawhub install' can run package install hooks from third-party skills.
3. Verify the scanner path (SKILL_SHIELD_SCANNER) and review the generated report before allowing any recommended installation.
4. If you need higher assurance, run the tool with --top 1 and inspect the candidate skill contents manually before letting it install or recommend anything.
5. If the author can explain or correct the contradictory metadata (required binaries/env vs. declared none), that will raise confidence.

Like a lobster shell, security has layers: review code before you run it.
Tags: latest → vk97e82qq2ffxbvk8yn19gfy76d820rmp · recommendation → vk97c12jn7xsr8skb7xfrvs6xp581k52k · tools → vk97c12jn7xsr8skb7xfrvs6xp581k52k