Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

1Panel skills

v0.0.2

1Panel operation skill for OpenClaw. Use when the user wants OpenClaw to interact with a 1Panel instance for resource monitoring, websites, certificates, app...

Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name/description match its behavior: it implements read-oriented 1Panel API operations. However the registry metadata claims 'Required env vars: none' and 'Primary credential: none' while SKILL.md and the code both require ONEPANEL_BASE_URL and ONEPANEL_API_KEY (plus optional ONEPANEL_TIMEOUT_MS and ONEPANEL_SKIP_TLS_VERIFY). That mismatch between declared registry requirements and the actual code/README is a coherence issue and could mislead users about secret requirements.
Instruction Scope
SKILL.md and the code restrict functionality to query/inspection endpoints and explicitly reserve mutations for future changes, which aligns with the described scope. The CLI supports reading an --input-file and the code will read arbitrary local files when that flag is used (node:fs/promises readFile). Modules expose endpoints that read server-side logs and files (/api/v2/files/read, /api/v2/logs/system/files), which is expected for 1Panel operations but means the skill will fetch potentially sensitive server logs if given access. Overall scope is appropriate, but the ability to read arbitrary local files via --input-file should be considered when granting the agent runtime permissions.
Install Mechanism
No install spec that downloads arbitrary code from the network. The repository includes compiled JS under dist/ and TypeScript sources; package.json points to ./dist/plugin.js for OpenClaw. No external URLs, installers, or archive extracts are used. This is low-risk compared to remote downloads.
Credentials
The environment variables required by the code (ONEPANEL_BASE_URL, ONEPANEL_API_KEY, optional TIMEOUT and SKIP_TLS) are proportionate for a 1Panel integration. The concern is that the registry metadata does not declare these env vars or a primary credential—so a user or platform may not be warned that an API key (a secret) is needed. That omission is the primary proportionality/red-flag issue.
Persistence & Privilege
The skill does not request 'always: true' and does not attempt to modify other skills or system-wide settings. It provides a CLI and plugin entrypoint (dist/plugin.js) but does not claim elevated, permanent privileges beyond normal operation. Autonomous invocation is enabled (default) but not combined with other privileged behavior.
What to consider before installing
This package largely does what it claims: it's a read-only (for now) 1Panel API client implemented in TypeScript/JS. Before installing:
  1. Be aware the code requires ONEPANEL_BASE_URL and ONEPANEL_API_KEY (these are NOT listed in the registry metadata) — provide only a key scoped for read/monitoring, and rotate it later.
  2. The CLI supports --input-file which will cause the skill to read any file path you pass; don't allow the agent to pass arbitrary file paths unless you trust it.
  3. The skill can fetch server logs and system files from the 1Panel instance (expected for this purpose) — only connect it to trusted 1Panel instances.
  4. Because metadata omitted the required credentials, treat that as a sign to audit the plugin code (dist/plugin.js and scripts/) and verify configuration UI before granting secrets.
If you need lower risk, require a read-only API key and avoid giving the skill filesystem access in the runtime.
openclaw.plugin.json:30
Install source points to URL shortener or raw IP.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.

Like a lobster shell, security has layers — review code before you run it.

MIT-0

OpenClaw 1Panel

Overview

Use this skill to interact with a 1Panel instance through authenticated HTTP API calls. The bundled resources are TypeScript source files grouped by module, with query-oriented actions implemented now and mutation endpoints reserved for later expansion.

Requirements

  • Require a 1Panel API key with access to the target instance.
  • Require these environment variables when executing the TypeScript resources in an OpenClaw runtime:
    • ONEPANEL_BASE_URL
    • ONEPANEL_API_KEY
    • optional: ONEPANEL_TIMEOUT_MS
    • optional: ONEPANEL_SKIP_TLS_VERIFY=true
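
A pre-flight check an operator could run before handing these variables to the runtime, as an added example that is not part of the skill's own code. The function names, finding levels and the sample host are assumptions; only the variable names come from this page.

```javascript
// Added example, not part of the skill. Variable names come from the
// Requirements list; finding levels and wording are assumptions.
const REQUIRED = ["ONEPANEL_BASE_URL", "ONEPANEL_API_KEY"];

// Names the code needs that a registry entry fails to declare.
function undeclaredEnv(declaredInRegistry, required = REQUIRED) {
  const declared = new Set(declaredInRegistry);
  return required.filter((name) => !declared.has(name));
}

// Audit one environment object; returns [{ level, message }, ...].
function auditOnePanelEnv(env) {
  const findings = [];
  const add = (level, message) => findings.push({ level, message });
  for (const name of REQUIRED) {
    if (!env[name] || env[name].trim() === "") add("error", `${name} is not set`);
  }
  if (env.ONEPANEL_BASE_URL) {
    let url = null;
    try {
      url = new URL(env.ONEPANEL_BASE_URL);
    } catch {
      add("error", "ONEPANEL_BASE_URL is not a valid URL");
    }
    if (url && url.protocol !== "https:") {
      add("error", "base URL is not https: API authentication would cross the network unencrypted");
    }
    if (url && (url.username || url.password)) {
      add("warn", "base URL embeds credentials; keep secrets in ONEPANEL_API_KEY only");
    }
  }
  if (String(env.ONEPANEL_SKIP_TLS_VERIFY ?? "").toLowerCase() === "true") {
    add("warn", "ONEPANEL_SKIP_TLS_VERIFY=true asks the client to skip TLS certificate verification");
  }
  const timeout = env.ONEPANEL_TIMEOUT_MS;
  if (timeout !== undefined && !/^[1-9]\d*$/.test(timeout)) {
    add("error", "ONEPANEL_TIMEOUT_MS must be a positive integer");
  }
  return findings;
}

// Constructed sample environment (hypothetical host, empty key).
const sample = {
  ONEPANEL_BASE_URL: "http://panel.example.internal:8080",
  ONEPANEL_API_KEY: "",
  ONEPANEL_SKIP_TLS_VERIFY: "true",
};
for (const f of auditOnePanelEnv(sample)) console.log(`[${f.level}] ${f.message}`);
console.log("undeclared in registry:", undeclaredEnv([]));
```

Passing `process.env` instead of `sample` audits the live environment; `undeclaredEnv` takes whatever list of variable names the registry entry declares.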

Workflow

  1. Choose the module that matches the user's request.
  2. Start with a list or search action to identify the exact target.
  3. Read detail, status, or logs only after the target is confirmed.
  4. If the user asks for create, update, delete, restart, stop, or any other mutation:
    • do not fabricate or guess a write workflow
    • surface the matching reserved mutation endpoint from the module
    • implement the write path only when that behavior is intentionally added to the skill

Module Groups

  • monitoring: Resource monitoring, dashboard current status, top processes, historical monitor data, GPU history.
  • websites: Website list/detail, Nginx config reads, domain list, HTTPS config, SSL certificate reads, website log reads.
  • apps: App catalog lookup, installed app list, installed app detail, service list, port/connection info.
  • containers: Container list/status/detail, inspect, stats, streaming log reads.
  • logs: Operation logs, login logs, system log file list, generic line-by-line log reads.
  • cronjobs: Cronjob list/detail, next execution preview, execution records, record log reads.
  • task-center: 1Panel task-center list and executing count.
  • nodes: Node list, simple node list, node options, node summary. Some endpoints may require Pro/XPack.

Resources

  • references/module-groups.md: Human-readable overview of module boundaries, common entrypoints, and reserved write scope.
  • scripts/client.ts: Shared authenticated 1Panel client.
  • scripts/cli.ts: Executable CLI entry for OpenClaw or shell-based tool calls.
  • scripts/index.ts: Registry of all module definitions.
  • scripts/modules/*.ts: Module-specific actions and reserved mutation endpoint definitions.

Execution Notes

  • Prefer the CLI instead of letting the model construct signed HTTP requests itself.
  • The repository can ship prebuilt runtime files under dist/, so normal use should call node dist/scripts/cli.js ... directly without rebuilding first.
  • Run npm run build only after changing TypeScript source files such as plugin.ts or scripts/**/*.ts.
  • OpenClaw plugin loading should target the compiled entry at dist/plugin.js, not the TypeScript source file.
  • If the OpenClaw runtime can execute TypeScript directly, import from scripts/index.ts and call the module actions.
  • If the runtime cannot execute TypeScript directly, use the TypeScript files as the source of truth for methods, paths, query parameters, and request payload shapes.
  • The current implementation focuses on query and inspection actions; extend the reserved mutation definitions when you intentionally add managed write flows.
