中文 EN

Scan Report

Scan New Files

Trusted — Risk Score 5/100
Last scan:1 day ago Rescan
5 /100
clawhub-publish-flow
Publish or update an OpenClaw skill on ClawHub using the local authenticated ClawHub session and direct API upload.
A legitimate ClawHub skill publishing workflow that reads local config for auth tokens and uploads skill packages via HTTPS POST — all behavior is documented and standard for a registry publisher tool.
Skill Nameclawhub-publish-flow
Duration24.9s
Enginepi
Safe to install
No action needed. The skill performs expected operations: reads a local config token, lists a skill directory, and POSTs a multipart form to the ClawHub API.

Findings 1 items

Severity Finding Location
Low
Missing referenced script Supply Chain
SKILL.md references package_skill.py for creating distributable artifacts, but this file is not present in the skill bundle. The script may be external or optional.
Package the skill with `package_skill.py` if a distributable artifact is needed.
→ Either include package_skill.py in the bundle or remove the reference from SKILL.md to avoid confusion.
 SKILL.md:36
ResourceDeclaredInferredStatusEvidence
Filesystem READ READ ✓ Aligned scripts/publish_to_clawhub.js:58 reads skill directory contents
Filesystem READ READ ✓ Aligned scripts/publish_to_clawhub.js:42-48 reads ClawHub config from homedir
Network WRITE WRITE ✓ Aligned scripts/publish_to_clawhub.js:75 POSTs multipart form to /api/v1/skills
Shell READ READ ✓ Aligned SKILL.md:25-29 calls clawhub CLI commands (whoami, inspect)
Environment NONE NONE No env var access detected
1 findings
🔗
Medium External URL 外部 URL
https://clawhub.ai
scripts/publish_to_clawhub.js:65

File Tree

3 files · 8.7 KB · 244 lines
Markdown 2f · 148L JavaScript 1f · 96L
├─ 📁 references
│ └─ 📝 release-checklist.md Markdown 24L · 888 B
├─ 📁 scripts
│ └─ 📜 publish_to_clawhub.js JavaScript 96L · 2.9 KB
└─ 📝 SKILL.md Markdown 124L · 4.9 KB

Security Positives

✓ All shell/subprocess usage (clawhub CLI) is explicitly documented in SKILL.md
✓ No credential harvesting — token is read from local config and used only for the declared API upload
✓ No obfuscation, base64 encoding, or anti-analysis patterns detected
✓ Outbound network contact is limited to the declared ClawHub API endpoint (HTTPS)
✓ Explicit safety rules in SKILL.md (do not publish without request, review outbound payload for secrets)
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env) — only reads ClawHub's own config directory
✓ Sensitive data review before upload is explicitly required in documentation