Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Figure Reference Checker
v0.1.0 · Check figure references in manuscripts
by AIpoch (@aipoch-ai)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, high confidence

Purpose & Capability
The declared purpose (check figure references) matches the small included Python implementation, which uses a regex to find 'Fig. <number>' tokens. However, SKILL.md repeatedly describes passing a manuscript file path (example: paper.docx) and claims the tool reads and writes files; the script instead treats the --manuscript argument as the manuscript text itself and never opens or writes a file. For a tool this small, that is a large gap between the documented and the actual behavior, and it may mislead users about what the skill touches on disk.
Instruction Scope
SKILL.md instructs running 'python scripts/main.py --manuscript paper.docx' implying the script will read a .docx file. The script does not read files or parse .docx — it treats the argument as raw text. SKILL.md also claims output files are saved to workspace and lists filesystem access in its risk table, but the code only prints to stdout. This gap between instructions and actual behavior is a scope/instruction mismatch.
Install Mechanism
No install spec and no external dependencies. The script uses only the Python standard library (argparse, re). This is low-risk from an install perspective.
Credentials
No environment variables, credentials, or config paths are requested. The skill does not require secrets or external service access; the requested environment is proportionate.
Persistence & Privilege
The skill does not request persistent installation or elevated privileges (always:false). It does not modify other skills or system configuration.
What to consider before installing
This skill is low-risk in the sense that it is a short, local Python script with no network or credential access. However, the documentation and the code disagree: the README/usage implies you pass a file path (e.g., a .docx) and that results are written to the workspace, but the script expects the manuscript argument to be the actual text and only prints results to stdout. Before using it:

1. Inspect the script, or run it on a harmless sample, to confirm what it actually does.
2. Do not pass sensitive documents until you have confirmed how input is read and where output goes.
3. If you want to process .docx files, modify the script to open or convert those files safely (validate paths, reject ../ traversal, whitelist extensions) and add explicit input validation.
4. Run it in a sandbox (container or VM) if you will process files you do not trust.
5. Ask the publisher of this skill to fix SKILL.md so it accurately reflects the script's behavior, or to update the script so it really reads files and implements the claimed safeguards.
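The recommendation above to "safely open/convert those files" is easy to get wrong, so here is one way to do it. This is an added example written for this review; it is not the skill's own scripts/main.py (which is not reproduced on this page) and all function names in it are the reviewer's. It takes a path relative to a workspace, rejects traversal, symlink escapes and unexpected extensions, reads .docx with only the standard library (zipfile plus xml.etree, with a size cap on word/document.xml), and then runs a regex check similar to the one the scan describes, reporting skipped figure numbers and out-of-order first mentions. The sample manuscript is constructed inline.

```python
"""Figure-reference checker that reads manuscript files safely (illustrative example)."""
import re
import tempfile
import zipfile
from pathlib import Path
from xml.etree import ElementTree as ET
from xml.sax.saxutils import escape

# Only these manuscript formats are accepted; anything else is rejected up front.
ALLOWED_SUFFIXES = {".txt", ".md", ".docx"}
# Refuse to parse an oversized document.xml (cheap guard against zip bombs).
MAX_DOCX_XML_BYTES = 20 * 1024 * 1024
W_NS = "{http://schemas.openxmlformats.org/wordprocessingml/2006/main}"
# Matches "Fig. 3", "Fig 3" and "Figure 3"; the figure number is captured.
FIG_RE = re.compile(r"\b(?:Fig|Figure)\.?\s*(\d+)\b")

# Constructed sample manuscript: Fig. 3 is never referenced.
SAMPLE_PARAGRAPHS = [
    "As shown in Fig. 1, the pipeline has three stages.",
    "Figure 2 contrasts the baseline with our method.",
    "Fig. 4 reports the ablation; compare with Fig. 1 again.",
]


def safe_resolve(user_path, workspace):
    """Resolve user_path inside workspace; raise ValueError on traversal,
    symlink escape or a disallowed extension."""
    ws = Path(workspace).resolve()
    # resolve() follows symlinks, so a link pointing outside the workspace is caught too.
    candidate = (ws / user_path).resolve()
    try:
        candidate.relative_to(ws)
    except ValueError:
        raise ValueError(f"path escapes workspace: {user_path!r}") from None
    if candidate.suffix.lower() not in ALLOWED_SUFFIXES:
        raise ValueError(f"unsupported manuscript type: {candidate.suffix!r}")
    if not candidate.is_file():
        raise FileNotFoundError(candidate)
    return candidate


def docx_text(path):
    """Extract paragraph text from a .docx using only the standard library."""
    with zipfile.ZipFile(path) as zf:
        info = zf.getinfo("word/document.xml")
        if info.file_size > MAX_DOCX_XML_BYTES:
            raise ValueError("word/document.xml exceeds size limit")
        root = ET.fromstring(zf.read(info))
    paragraphs = []
    for para in root.iter(W_NS + "p"):
        paragraphs.append("".join(t.text or "" for t in para.iter(W_NS + "t")))
    return "\n".join(paragraphs)


def load_manuscript(user_path, workspace):
    """Read manuscript text from a validated path (.txt/.md as text, .docx via docx_text)."""
    path = safe_resolve(user_path, workspace)
    if path.suffix.lower() == ".docx":
        return docx_text(path)
    return path.read_text(encoding="utf-8", errors="replace")


def check_figure_refs(text):
    """Report referenced figure numbers, numbers skipped in 1..max, and whether
    figures are first mentioned in ascending order."""
    refs = [int(m.group(1)) for m in FIG_RE.finditer(text)]
    first_mention = []
    for n in refs:
        if n not in first_mention:
            first_mention.append(n)
    missing = [n for n in range(1, max(refs) + 1) if n not in first_mention] if refs else []
    return {
        "references": refs,
        "first_mention_order": first_mention,
        "missing": missing,
        "in_order": first_mention == sorted(first_mention),
    }


def write_sample_docx(path, paragraphs):
    """Build a minimal .docx (a zip containing word/document.xml) for the demo."""
    body = "".join(f"<w:p><w:r><w:t>{escape(p)}</w:t></w:r></w:p>" for p in paragraphs)
    xml = f'<w:document xmlns:w="{W_NS[1:-1]}"><w:body>{body}</w:body></w:document>'
    with zipfile.ZipFile(path, "w") as zf:
        zf.writestr("word/document.xml", xml)


def run_demo():
    """Write the sample .docx into a scratch workspace, check it, and show that a
    traversal path and a disallowed extension are both rejected."""
    with tempfile.TemporaryDirectory() as ws:
        write_sample_docx(Path(ws) / "sample.docx", SAMPLE_PARAGRAPHS)
        report = check_figure_refs(load_manuscript("sample.docx", ws))
        rejected = {}
        for bad in ("../outside.docx", "notes.exe"):
            try:
                safe_resolve(bad, ws)
                rejected[bad] = False
            except ValueError:
                rejected[bad] = True
    return {"report": report, "rejected": rejected}


if __name__ == "__main__":
    print(run_demo())
```

Running it prints a report listing references [1, 2, 4, 1], a missing Fig. 3, and both bad paths rejected. Note that the containment check happens before the extension and existence checks, so a caller learns nothing about files outside the workspace, and that the checker never writes anything; if you add output files, apply the same safe_resolve discipline to the output path.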
Version: latest (vk975ap3r1zn9c9101821cwqgvs839j0q)
