Is lightclaw safe to install?

lightclaw was flagged as CRITICAL RISK (risk score 7777) with 632 findings detected across 567 files. Review the findings before installing.

What security issues were found in lightclaw?

Sigil detected 632 findings in lightclaw, including patterns related to install_hooks, provenance, code_patterns, obfuscation, network_exfil. See the full scan report for details.

lightclaw Security Scan — CRITICAL RISK | Sigil

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

lightclaw-0.0.31/PKG-INFO:138

# macOS / Linux — one-line installer
curl -fsSL https://finnie-1258344699.cos.ap-guangzhou.myqcloud.com/install.sh | bash
```

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

lightclaw-0.0.31/README.md:65

# macOS / Linux — one-line installer
curl -fsSL https://finnie-1258344699.cos.ap-guangzhou.myqcloud.com/install.sh | bash
```

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

lightclaw-0.0.31/src/lightclaw/agent/scenes/wechat-ops/skills/publisher-multi-platform/scripts/setup_server.sh:6

# Usage:
#   curl -fsSL <script_url> | bash
#   # 或

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

lightclaw-0.0.31/src/lightclaw/agent/scenes/wechat-ops/skills/publisher-multi-platform/scripts/setup_server.sh:34

    if command -v apt-get &>/dev/null; then
        curl -fsSL https://deb.nodesource.com/setup_20.x | bash -
        apt-get install -y nodejs

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

lightclaw-0.0.31/src/lightclaw/agent/scenes/wechat-ops/skills/publisher-multi-platform/scripts/setup_server.sh:37

    elif command -v yum &>/dev/null; then
        curl -fsSL https://rpm.nodesource.com/setup_20.x | bash -
        yum install -y nodejs

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

lightclaw-0.0.31/src/lightclaw/agent/scenes/wechat-ops/skills/publisher-multi-platform/scripts/wechat_publish.py:887

    # 安装 Node.js (如果没有)
    curl -fsSL https://deb.nodesource.com/setup_20.x | bash -
    apt-get install -y nodejs

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

lightclaw-0.0.31/src/lightclaw/agent/skills/install-skill/SKILL.md:39

```bash
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash
export NVM_DIR="$HOME/.nvm"

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

lightclaw-0.0.31/src/lightclaw/agent/skills/install-skill/SKILL.md:63

```bash
curl -fsSL https://skillhub-1388575217.cos.ap-guangzhou.myqcloud.com/install/install.sh | bash -s -- --no-skills
```

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

lightclaw-0.0.31/src/lightclaw/agent/skills/publisher-multi-platform/scripts/setup_server.sh:6

# Usage:
#   curl -fsSL <script_url> | bash
#   # 或

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

lightclaw-0.0.31/src/lightclaw/agent/skills/publisher-multi-platform/scripts/setup_server.sh:34

    if command -v apt-get &>/dev/null; then
        curl -fsSL https://deb.nodesource.com/setup_20.x | bash -
        apt-get install -y nodejs

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

lightclaw-0.0.31/src/lightclaw/agent/skills/publisher-multi-platform/scripts/setup_server.sh:37

    elif command -v yum &>/dev/null; then
        curl -fsSL https://rpm.nodesource.com/setup_20.x | bash -
        yum install -y nodejs

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

lightclaw-0.0.31/src/lightclaw/agent/skills/publisher-multi-platform/scripts/wechat_publish.py:865

    # 安装 Node.js (如果没有)
    curl -fsSL https://deb.nodesource.com/setup_20.x | bash -
    apt-get install -y nodejs

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

lightclaw-0.0.31/src/lightclaw/dashboard/assets/index.js:46

# metadata: { "lightclaw": { "emoji": "⏰" } }
# ---`,createSuccess:"Skill created successfully",createFailed:"Failed to create skill",deleteConfirm:"Are you sure you want to delete this skill?",deleteSuccess:"Skill deleted successfully",deleteFailed:"Failed to delete skill",updateSuccess:"Skill updated successfully",updateFailed:"Failed to update skill",frontmatterRequired:"Skills must start and end with ---",frontmatterNameRequired:"Skills missing required field : name",frontmatterDescriptionRe

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

lightclaw-0.0.31/src/lightclaw/dashboard/assets/index.js:59

# metadata: { "lightclaw": { "emoji": "⏰" } }
# ---`,createSuccess:"技能创建成功",createFailed:"技能创建失败",deleteConfirm:"确定要删除此技能吗？",deleteSuccess:"技能删除成功",deleteFailed:"技能删除失败",updateSuccess:"技能更新成功",updateFailed:"技能更新失败",frontmatterRequired:"Skills内容必须以 --- 开头和结尾",frontmatterNameRequired:"Skills 中缺少必填字段：name",frontmatterDescriptionRequired:"Skills 中缺少必填字段：description",editNotSupported:"后端API不支持编辑操作",editNote:"注意：后端API不支持编辑技能。您只能查看或切换启用/禁用状态。",create:"创建",installedSkills:"已安装技能",tencentSkillHub:"技能市场",

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-pip-setup-exec

CRITICAL

setup.py executes code at install time

lightclaw-0.0.31/src/lightclaw/dashboard/assets/vendor-xterm.js:24

",e.GS="
",e.RS="
",e.US="",e.SP=" ",e.DEL=""))(g||(g={}));var Nt;(e=>(e.PAD="",e.HOP="",e.BPH="",e.NBH="",e.IND="",e.NEL="

Why was this flagged?

This setup.py calls subprocess, os.system, exec, or eval during package installation. Legitimate packages rarely need to execute arbitrary commands at install time. This pattern is commonly used by malicious packages to download and run payloads, exfiltrate environment variables, or establish persistence. Rated CRITICAL because it runs with the installer's full permissions.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

lightclaw-0.0.31/src/lightclaw.egg-info/PKG-INFO:138

# macOS / Linux — one-line installer
curl -fsSL https://finnie-1258344699.cos.ap-guangzhou.myqcloud.com/install.sh | bash
```

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

lightclaw

Summary

Provenance

Findings by Phase

Install Hooks

Code Patterns

Obfuscation

Network / Exfiltration

Provenance

Badge

Scan your own packages

Get threat intelligence and product updates

Other pypi scans