#ClawHub Security Update: Contextual


edgy minnow
#

Hey, I saw you're pushing commits right now, like a few minutes ago 💪

But this update is doing a number on my skill: https://clawhub.ai/therohitdas/youtube-full

Since you must have the context on skills right now,
How do I make it compliant 100%?
How do I properly declare requirements in the metadata. So there is no mismatch. So it passes everything.

I don't want my poor skill to be marked suspicious for trying to be extra helpful.

Instruction Scope
SKILL.md instructs the agent to: (1) collect the user's email and generate a password, (2) run a local Node script to register/verify and obtain an API key, and (3) run a 'save-key' command that 'auto-configures agent + shell'. Those steps go beyond simple API calls: they involve user credentials, OTP handling, and persistent key storage. The guidance to 'SAVE THE PASSWORD' and the script-driven save-key/auto-configure behavior are broad and could lead to persistent secrets on disk or modifications to shell config.

  • Why does it think that the Account creation is not part of the scope of this skill?
  • Is it okay to include a script to create account?
  • Is it okay to try to store the API key properly using a included script?

I was working on the new version of the script, I made things passwordless. So the password related assessment should quiet down.

Step 1: Send email using the included script, get one-time token for next step and in the bg we send the OTP via email
Ask for OTP

Step 2: Send the OTP and Token via included script, we return API key and the agent stores it appropriately.

Am I overdoing?

Why I added a step to save api key to this?
When I first created the skill for me, the API key was not saved properly and only used in one session.
Next session I gave the API key again and it got saved in some file other than zshenv
I just wanted to add a step to make sure it is 100% perfect.

What is the recommended way to save the API_KEY?

Can you please read the OpenClaw assessment once and help me out?

#

I wrote this message for so long that "few minutes ago" became 1 hour ago

wary brook
#

Keen to see so ping me once you've updated!

#

Worst case we'll tweak the prompt but it's a cat and mouse between us making it smooth vs. pissing scammers off (not you)

edgy minnow
#

Thanks @wary brook

https://clawhub.ai/therohitdas/youtube-full

When I first published it, It was "Benign" according to clawhub ai
But then after some time, it is sus again.
Openclaw said Benign until the VT scan completed, then it changed its mind.

#

It also changed its reasoning

edgy minnow
#

Also there are silent failures.

When there are trailing commas in the YML frontmatter json, it is accepted by the clawhub and published.

But when the agent installs it, when loading it, it is unable to parse the frontmatter and skips the skill entirely. I spent last hour debugging this.

#

v1.3.4

Persistence & Privilege
"always is not set, and disableModelInvocation is not set (so the model may invoke the skill). The auth script writes into the OpenClaw agent config and marks the transcriptapi entry enabled — effectively enabling persistent agent access to the API key and making the skill available for future (possibly autonomous) use. That capability to auto-enable/modify agent config is a notable privilege elevation that the SKILL.md did not clearly disclose."

this is a joke lol.

I am pushing one more update to account for this

wary brook
#

Try again

edgy minnow
#

Pushed new version

#

v1.4.0

#

Sus

#

😔

wary brook
#

Bear with us, we're going to change/rehaul "suspicious" it's misleading in some cases

#

There's just too many possibilities to try to gate this at scale, so we're opting to change it to a less accusatory message

#

More like a consideration for users/agents who are running it

edgy minnow
#

Thank you.

LOL every time I see the sus message, GOD FATHER plays in my head -

Look how they massacred my boy

wary brook
#

jajaja

#

😄

#

good analogy

edgy minnow
#

NO worries, take your time.

I will take a break from this for a day.
I am too emotionally invested into this because I wanted it to be the best skill. And I promoted it everywhere. We even made a promo video for this today. Sexy one.

Hopefully things will get better 😅

wary brook
#

I'll use your skill as a primary test case - so don't worry, at least you will get the best review fine tune 😄