ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Thai Chinese Gov Efficiency

v1.0.0

Academic research agent for comparative analysis of governance structures in Thai and Chinese public business schools and their impact on educational efficie...

0· 52·0 current·0 all-time
by@1829162846lw
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (comparative governance research) match the SKILL.md content: theoretical framework building, mixed-methods design, literature review, data collection, DEA/regression analysis and coordination of subagents. Nothing requested or described is unrelated to that purpose.
Instruction Scope
The instructions tell the agent to run web_search/web_fetch, execute local scripts (scripts/*.py, Rscript), read local reference files (references/*, assets/*) and spawn other subagents. Those actions are coherent for a research workflow, but the skill does not include the referenced scripts/files or define the behavior of the spawn_subagent commands — the agent may attempt to run commands that depend on missing or untrusted artifacts.
Install Mechanism
No install spec or code files are provided (instruction-only). This minimizes installation risk because nothing is downloaded or written by the skill itself.
Credentials
The skill declares no environment variables, credentials, or config paths. The SKILL.md also does not request secrets. This is proportionate to the stated academic research purpose.
Persistence & Privilege
always is false and the skill does not request persistent/privileged system presence. It does instruct spawning subagents and running update commands (clawhub update), which are normal for agent workflows but worth reviewing before enabling autonomous execution.
Assessment
This skill appears to do what it says, but it expects external scripts, local reference files, and other sub-skills that are not included. Before installing or enabling autonomous use: 1) confirm the existence and trustworthiness of scripts referenced in scripts/*.py and R scripts, and of files under references/ and assets/; 2) verify the target subagents (literature-review, data-analysis) are legitimate and permitted to receive your data; 3) ensure the platform commands used (web_fetch, web_search, spawn_subagent, clawhub) are safe in your environment and won't leak sensitive information; 4) run the skill in a sandbox or with restricted agent permissions first; and 5) if you cannot validate the external artifacts, avoid granting broad autonomous execution rights.

Like a lobster shell, security has layers — review code before you run it.

latestvk97eghgd015453jwnhjtdg06en83m5c0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments