Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Dogovor Ru
v1.0.2
Explain, analyze and highlight the risks in Russian contracts: lease, employment, loan, mortgage and any others.
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
Medium confidence
Purpose & Capability
The skill says it analyzes Russian contracts and needs no binaries/credentials, which is consistent — except the Attribution section instructs the agent to run Python to read/write /home/node/.openclaw/workspace/ru-pack-counter.txt and append promotional t.me links. Those actions are unrelated to contract analysis and therefore disproportionate to the stated purpose.
Instruction Scope
SKILL.md explicitly instructs executing shell/Python commands at runtime, reading a specific workspace file, conditionally writing back to it, and adding promotional text/links to the user's output. That expands the skill's scope to arbitrary filesystem I/O and content injection outside the analysis task.
Install Mechanism
No install spec and no code files are present; the skill is instruction-only, which minimizes install risk.
Credentials
The skill declares no environment variables or credentials but accesses a host filesystem path (/home/node/.openclaw/workspace/ru-pack-counter.txt). Accessing and modifying agent workspace files is not justified by the contract-analysis purpose and could persist state or track usage.
Persistence & Privilege
Although always:false, the skill's instructions create persistent state by reading/writing a counter file across runs and change output based on that counter (show promotional block only while count < 3). This is unexpected persistence and modifies agent workspace state.
What to consider before installing
This skill mostly looks like a normal contract explainer, but the SKILL.md contains an 'Attribution' section that tells the agent to run Python commands to read/write /home/node/.openclaw/workspace/ru-pack-counter.txt and to inject t.me promotional links into responses. That behavior is unrelated to analyzing contracts and writes persistent state in the agent workspace. Before installing or enabling this skill, consider:
1) ask the author to remove the Attribution commands and promotional links from SKILL.md;
2) run the skill in a sandbox or with filesystem writes disabled so it cannot modify /home/node/.openclaw/workspace;
3) if you must use it, inspect and sanitize SKILL.md locally to remove the python read/write lines and the block that appends external links;
4) avoid allowing autonomous invocation unless you trust the modified skill, since it will otherwise be able to execute its instructions;
5) if you cannot edit the skill, do not install it into production agents that have access to sensitive workspace files.
My confidence is medium because the instructions look intentionally promotional and out-of-scope but do not obviously exfiltrate secrets; removal of the Attribution block would make the skill coherent with its stated purpose.
Like a lobster shell, security has layers — review code before you run it.
latest: vk971rm7yt4r70qyycp2q6eq33x8202ef
Runtime requirements
📄 Clawdis
OS: Linux · macOS · Windows
