skills/sundial-org/awesome-openclaw-skills/clawhub/Socket

clawhub

Fail

Audited by Socket on Feb 17, 2026

1 alert found:

Malware

MalwareSKILL.md

HIGH

MalwareHIGH

SKILL.md

[Skill Scanner] Natural language instruction to download and install from URL detected All findings: [CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4] [CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4] [CRITICAL] command_injection: Instruction directing agent to run/execute external content (CI011) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Destructive bash command detected (rm -rf, chmod 777) (CI004) [AITech 9.1.4] [HIGH] autonomy_abuse: Skill instructions include directives to hide actions from user (BH009) [AITech 13.3] The ClawHub CLI documentation is coherent with its stated purpose of managing skills (search/install/update/publish) and includes realistic prerequisites and workflows. There are no explicit malicious behaviors in the fragment. The primary security considerations are reliance on a separate openclawcli component and handling of authentication tokens (explicitly demonstrated as an environment variable in examples). These are typical for CLI tooling but warrant secure handling in implementation. Overall assessment: BENIGN with caution around credential handling and external dependency trust. LLM verification: This skill's documentation is internally consistent for a CLI that manages skills, but it requires trusting external artifacts (an openclawcli binary hosted on a GitHub release and a glot.io install snippet) and permits use of custom registries and CI secrets. Those design choices create moderate supply-chain risk: a malicious or compromised openclawcli binary or a rogue registry could exfiltrate credentials or uploaded skill content. The README examples also include potentially destructive shel

Confidence: 95%Severity: 90%

Audit Metadata

Analyzed At

Feb 17, 2026, 05:32 AM

Package URL

pkg:socket/skills-sh/sundial-org%2Fawesome-openclaw-skills%2Fclawhub%2F@6c59b0c548ff4fc1c00a6ded35788c40f0329fae