ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

conversation-exporter

v1.0.0

对话历史导出工具 - 将 WorkBuddy 的对话历史导出为多种格式(JSON/Markdown/TXT),包含时间线、元数据、统计数据、成就里程碑和 Skills 使用记录,便于归档分析和分享

0· 68·0 current·0 all-time
byoxf4vul@0xf4vul
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (conversation export) match the instructions to read work-memory and produce JSON/MD/TXT exports. However the skill also promises to extract '关键文件路径', '自动化任务目录' and '已安装的 Skills 列表', which require scanning workspace metadata beyond plain conversation logs—these are plausible but broaden the scope. There is a direct contradiction: earlier it says it includes a '完整的时间线' but the privacy section says '不导出完整的对话内容,只保留摘要'. That inconsistency reduces confidence that the requested actions are well-scoped.
!
Instruction Scope
SKILL.md instructs the agent to read '长期记忆文件', '最近的日期文件', '自动化任务目录' and '工作区根目录' but does not define exact paths or limits. This vagueness gives the agent broad discretion to access arbitrary files under the workspace. The contradictory statements about filtering (claims to auto-filter API keys/passwords and to not export full content) versus exporting '完整时间线' are concerning: it's unclear whether raw sensitive content might be read and written to export files. The skill also writes files to the workspace root (possible overwrite) and mentions including '附件' and '关键文件路径' which could capture sensitive artifacts.
Install Mechanism
Instruction-only skill with no install spec and no code files—lowest install risk. Nothing is downloaded or written to disk by an installer. Runtime behavior (file read/write) is the only active surface.
Credentials
The skill declares no environment variables, credentials, or config paths (appropriate for a local exporter). However, it claims to automatically filter API keys/passwords and to extract Skills usage records—these features implicitly require reading potentially sensitive configuration files (skill metadata). Without explicit declared paths, it's unclear what the agent will access, which is a proportionality concern of scope (not of explicit credential requests).
Persistence & Privilege
always is false and the skill is user-invocable; it does not request persistent or elevated privileges. Autonomous invocation is allowed (default) but not combined with other high-risk flags here.
What to consider before installing
This skill appears to do what it says (export conversation history) but the instructions are vague about which files and directories it will scan and contradictory about whether full conversations are exported or only summaries. Before installing or running: 1) Ask the author to specify exact paths the skill will read (location of '工作记忆', '自动化任务目录', and what '关键文件路径' means). 2) Request a sample export (or run in a sandbox/offline workspace) to verify it doesn't include raw secrets or unexpected files. 3) Backup your workspace and run the skill on a copy first. 4) Verify filtering: test with dummy API keys/passwords to confirm they are removed. 5) If you have highly sensitive files in the workspace, restrict file permissions or move them out of the workspace before use. If the author cannot clarify the above, treat this skill cautiously.

Like a lobster shell, security has layers — review code before you run it.

conversation-exportvk97dg5kk41khk8ddq3bncn6f3x83hsnpdata-exportvk97dg5kk41khk8ddq3bncn6f3x83hsnpfile-conversionvk97dg5kk41khk8ddq3bncn6f3x83hsnplatestvk97dg5kk41khk8ddq3bncn6f3x83hsnpworkbuddy-skillvk97dg5kk41khk8ddq3bncn6f3x83hsnp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments