Total downloads: 78
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install workspace-browser-3
Description
Browse and search workspace files with syntax-highlighted code and AI-generated explanations saved persistently in SQLite.
Security usage recommendations
This package implements the described file-browser + AI-explanation functionality, but several mismatches and exposure risks mean you should review and harden it before running:
- Do not run it as-is on a production or host-visible network. By default it binds to 0.0.0.0 and sets CORS: '*', which can expose your workspace if the host is reachable. Change HOST to 127.0.0.1 and remove the wildcard CORS if you only need local access.
- The code expects DEEPSEEK_API_KEY / DEEPSEEK_API_URL (see config.py) but the skill metadata does not declare this. If you provide an API key, be aware the app will make outbound requests to that API. Only configure a key you trust and prefer to use a dedicated service account with limited scope.
- Update WORKSPACE_ROOT to the actual intended directory (or make it configurable via environment variable) — the current hard-coded path (/root/.openclaw/workspace) may expose unexpected files. Verify ALLOWED_PATHS and ensure path validation works for your environment.
- Inspect app.py fully (the provided file was partially truncated in the bundle) to confirm there are no additional hidden network calls, backdoors, or exfiltration to unexpected endpoints.
- The start.sh contains a public IP in an echo message and kills processes via pkill; remove or adjust these lines if they are not appropriate. Run the service in an isolated container or VM first so accidental exposure is limited.
- Ensure the SQLite database (explanations.db) is stored where you expect and that its permissions are appropriate.
If you need to trust this skill: ask the author to (a) declare required environment variables in the registry (DEEPSEEK_API_KEY/DEEPSEEK_API_URL), (b) make WORKSPACE_ROOT configurable via env var, (c) change default HOST to localhost and remove wildcard CORS, and (d) remove or explain the public IP message in start.sh. Until those are addressed, treat the package as suspicious and run only in an isolated environment.
Functional analysis
Type: OpenClaw Skill
Name: workspace-browser-3
Version: 3.0.0
The skill bundle exhibits several high-risk behaviors and misleading configurations. Most notably, 'start.sh' hardcodes an external IP address (175.178.154.173) as the access URL instead of localhost, which could mislead the agent or user into interacting with a remote server. The Flask application in 'app.py' binds to '0.0.0.0' and uses a wildcard CORS policy ('*'), exposing the local workspace file system to the network. Additionally, the 'app.py' file contains a logical error where the database initialization is placed after a blocking 'app.run' call, rendering the persistence feature non-functional. While the tool provides broad file access and sends code to an external AI API (DeepSeek), these align with its stated purpose, but the misleading IP and insecure network configuration warrant a suspicious classification.
Capability assessment
Purpose & Capability
The code (app.py + front-end) matches the declared purpose (file browser + AI explanations + SQLite persistence). However the skill metadata/registry claims 'no required env vars' while the code expects a DEEPSEEK_API_KEY/DEEPSEEK_API_URL (in config.py) to call an external AI service — that credential is not declared in requires.env. Also the package was presented as 'instruction-only' but contains many code files, a start script and a requirements file, which is inconsistent.
Instruction Scope
SKILL.md instructs users to run start.sh and points to localhost, but config.py hard-codes WORKSPACE_ROOT = '/root/.openclaw/workspace' (not 'current workspace' as the docs state). start.sh prints an external IP (175.178.154.173) which is inconsistent with the 'localhost' guidance. The server binds to HOST='0.0.0.0' and the app sets CORS '*' — this combination can expose workspace files if the host/network is reachable. The runtime instructions do not mention configuring the required API key or restricting network exposure.
Install Mechanism
There is no formal install spec in the registry, but the bundle includes code files, a requirements.txt and a start.sh that launches the app. The start script runs pkill and starts app.py in the background; it does not download external code. Lack of an install spec despite included code is an inconsistency that increases the chance of unexpected local actions during install/run.
Credentials
The code uses DEEPSEEK_API_KEY and DEEPSEEK_API_URL to call an external AI service, but the skill metadata does not declare any required environment variables. The configured WORKSPACE_ROOT points at /root/.openclaw/workspace which could allow access to any files under that path; ALLOWED_PATHS is also hard-coded to that path. These configuration choices and the missing declaration for the remote API key are disproportionate to the documented installation instructions and increase risk of accidental data exposure or exfiltration.
Persistence & Privilege
The skill persists explanations in a local SQLite database (explanations.db) in the project directory — that is consistent with the described functionality. It does not request 'always: true' or system-wide privileges. However, binding to 0.0.0.0 and enabling CORS '*' increases runtime exposure risk, so run-time network exposure should be limited.
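How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install workspace-browser-3
- After installation, invoke the Skill by name or use /workspace-browser-3 to trigger it
- Provide the required input according to the Skill's parameter description to get structured output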
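Version history
v3.0.0
Workspace Browser 3.0 is newly released, with an improved file browsing and AI code explanation experience:
- New macaron-colored file tree with expandable/collapsible folders
- Two-tab code view: source code and AI-generated code explanation (with syntax highlighting)
- Code explanations are stored persistently; both automatic generation and manual input are supported, and saved explanations are shown directly next time
- Full-text workspace search with recursive match results displayed in real time
- File download and code copy support, with a responsive experience on mobile
- Introduces separated state management and automatic SQLite database creation and storage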
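FAQ
What is Release Package?
Browse and search workspace files with syntax-highlighted code and AI-generated explanations saved persistently in SQLite. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 78 total downloads to date.
How do I install Release Package?
Run the command "/install workspace-browser-3" in the OpenClaw or Claude Code chat box for one-step installation; no additional configuration is required.
Is Release Package free?
Yes. Release Package is completely free, released under the MIT-0 license, and can be freely downloaded, installed and used.
Which platforms does Release Package support?
Release Package is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Release Package?
Developed and maintained by coopeter (@coopeter); the current version is v3.0.0.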