ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Meeting Risk Radar

v1.0.0

会前识别高风险议题、模糊责任、缺失材料和可能失控的讨论点。;use for meeting-risk, preflight, facilitation workflows;do not use for 分析私密录音, 替代正式风险审查.

0· 91·0 current·0 all-time
byvx:17605205782@52yuanchangxing
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description ask for meeting preflight risk checks and the bundle contains a local Python script plus templates/spec that implement exactly that behavior. Requiring python3 and including resources/spec.json and template.md is proportionate.
Instruction Scope
SKILL.md limits scope to pre-meeting analysis and explicitly warns against analyzing private recordings or performing writes. The runtime script will read any file or directory given as --input and can produce directory/csv/skill audits if the spec/mode indicates — so only feed meeting-relevant files and avoid pointing it at system or sensitive directories.
Install Mechanism
No install spec; this is an instruction-only skill with a local Python script (no third‑party packages or remote downloads). Lowest-risk install posture (requires only python3 to run).
Credentials
No environment variables, secrets, or external credentials are requested. The script reads local files specified by the user but does not contact external endpoints or require tokens.
Persistence & Privilege
Skill is not always-enabled and does not request elevated platform privileges. It writes output only if --output is provided (and supports --dry-run) and does not modify other skills or global agent settings.
Assessment
This skill appears to do what it says: generate pre-meeting risk briefs from local input. Before installing or running it: (1) review the bundled scripts/run.py yourself (it’s included) and run smoke-test in a safe directory; (2) never point the script at system roots or directories containing secrets—only provide meeting materials; (3) prefer --dry-run first and inspect output before allowing any follow-up actions; (4) note the homepage/owner are not a known vendor—if provenance matters, run in a sandbox or ask the publisher for verification; (5) do not supply private recordings or other sensitive PII to the skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk97332e3ba8zd5xvs45zze795n835etg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📡 Clawdis
OSmacOS · Linux · Windows
Binspython3

Comments