Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
emergency circuit
v1.0.0Monitors AI agents in real-time to detect anomalies and enforce safety policies with automatic emergency shutdown to prevent damage and cost overruns.
⭐ 0· 183·0 current·0 all-time
byJustin Liu@zhenstaff
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill describes monitoring multiple LLM providers, tracking costs, and performing emergency shutdowns, but the registry metadata declares no required environment variables, no config paths, and no primary credential. A monitoring/kill system would normally need provider API keys and platform/admin credentials; their absence is an unexplained mismatch. The SKILL.md also references an npm package and GitHub repo, while the registry lists no install spec or source — another inconsistency.
Instruction Scope
The SKILL.md instructs use of a CLI (emergency-circuit monitor/kill/status), npm install and git clone, and shows a TypeScript integration example, yet the skill bundle contains no code and no concrete integration/authentication steps. The docs do not specify how the tool authenticates to agents/providers or what 'kill' actually does (kill a process, call a controller API, revoke tokens?). The policy example mentions blocking 'execute_shell' while the docs show shell commands, a contradictory instruction set.
Install Mechanism
There is no install spec in the registry (skill is instruction-only), but SKILL.md recommends installing from npm or cloning a GitHub repo. That means the real install mechanism is unspecified in the bundle; following those instructions would fetch and run third-party code. Because the registry did not provide the package source or a vetted install spec, the user would have to trust an external npm/GitHub package before auditing it.
Credentials
A monitoring and kill system that tracks OpenAI/Anthropic usage and can stop agents would normally require multiple credentials (provider API keys, agent-controller/admin tokens). The skill declares none. This is disproportionate: either the skill is non-functional as packaged, or it implicitly expects access to sensitive credentials that it does not enumerate — both are red flags.
Persistence & Privilege
The skill is not marked 'always' and is user-invocable, so it doesn't demand forced persistence. However, its described functionality would require elevated privileges (ability to stop agents, access billing data), and the bundle does not declare how those privileges are obtained or limited. Lack of declared privilege requests makes it unclear what authority the tool would actually have if installed.
What to consider before installing
This skill's docs promise powerful monitoring and an emergency kill switch but the package you were given is only documentation — no code or declared credentials — and the docs reference installing code from npm/GitHub. Before installing or running anything: 1) ask the publisher for the canonical repository and package name and verify the author/organization; 2) review the actual code (npm package or GitHub repo) to see what it will do and what credentials it requires; 3) never provide admin/platform tokens or cloud provider keys until you understand exactly where they are used and stored; 4) prefer running it first in an isolated sandbox account with least privilege and test kills safely; 5) if you must install from npm or git, audit the package and check integrity (checksums, recent commits, issues) and avoid blindly running 'npm install -g' from an unknown source. The current bundle is incomplete and inconsistent — treat it as untrusted until you can inspect the real implementation and its required permissions.Like a lobster shell, security has layers — review code before you run it.
latestvk97b1hxkw0kqrgqpvy9dsq95hx82ta5m
License
MIT-0
Free to use, modify, and redistribute. No attribution required.