Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Key Takeaways
v1.0.0
Extracts and summarizes key takeaways from documents, meeting notes, articles, and other text content. Use when the user asks for summaries, bullet points, m...
⭐ 0 · 52 · 0 current · 0 all-time
by AIpoch (@aipoch-ai)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (high confidence)
Purpose & Capability
The skill's name and description match a local text-summarization utility and the package includes a small Python extractor. However the code's docstring and references lean toward 'medical documents' specifically while the description claims general-purpose documents — a minor mismatch in stated target domain but not necessarily malicious.
Instruction Scope
SKILL.md instructs running and configuring scripts (mentions editing an in-file CONFIG block) and gives Quick Start examples, but the examples do not match the code: SKILL.md references Key_Takeaways and .process/.export methods and a CONFIG block, whereas scripts/main.py defines class KeyTakeaways with an extract() method and no CONFIG. These inconsistencies could cause the agent to attempt non-existent functions or apply the wrong inputs; the instructions also repeat text and are somewhat sloppy.
Install Mechanism
No install spec is provided (instruction-only skill with a small local script). There is no network download or third-party installation described, so installation risk is low. SKILL.md mentions third-party packages are not pinned, but none are actually required by the included script.
Credentials
The skill requests no environment variables, no credentials, and no config paths. The included files contain no network endpoints or secret-handling code. Environment/credential access is proportional to the stated summarization purpose.
Persistence & Privilege
The skill is not marked always:true, does not request persistent system changes, and contains no install hooks. It does not modify other skills or agent configuration.
Scan Findings in Context
[pre_scan_injection_signals] expected: Pre-scan reported 'None detected' for injection signals; the repository also contains an archived audit JSON (key-takeaways_audit_result_v1.json) describing legacy evaluation results — this is an informational artifact, not an active finding.
What to consider before installing
This package contains a simple, local Python summarizer and does not ask for credentials or perform network calls, so it is not obviously dangerous. However, the runtime instructions and examples in SKILL.md do not match the included script (different class/method names and references to a CONFIG block that doesn't exist). Before installing or allowing autonomous use:
1. Review and/or run scripts/main.py yourself in an isolated environment to confirm behavior.
2. Fix or reconcile the SKILL.md examples (or adapt your calls to the actual extract() API).
3. If you will process sensitive data (medical records, PII), ensure appropriate privacy controls, because the code is simplistic and makes no privacy guarantees.
4. If you add third-party packages, pin versions and review dependencies.
The current inconsistencies are likely engineering sloppiness rather than malicious intent, but they warrant correction before production use.
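The doc-versus-code mismatch called out under Instruction Scope and in step 2 above is cheap to check mechanically before an agent is allowed to follow a SKILL.md. The script below is an added example, not code from the ClawHub page or from the skill: it parses the bundled Python with `ast` to collect what is actually defined, pulls the identifiers a Quick Start snippet imports, calls and refers to, and reports every documented name the code does not define. The `MAIN_PY` and `SKILL_MD` strings are constructed stand-ins that only reproduce the names the scan report mentions (class `KeyTakeaways` with `extract()` versus `Key_Takeaways`, `.process`, `.export` and a `CONFIG` block); they are not the skill's real files, and the regexes are a heuristic tuned for short Quick Start snippets.

```python
"""Cross-check the identifiers a SKILL.md references against what the
bundled script actually defines. Added example; the inputs below are
constructed to mirror the mismatch described in the scan, not the
skill's real files."""
import ast
import re

# Constructed stand-in for scripts/main.py (assumption: only the
# class/method names follow the scan report; the body is invented).
MAIN_PY = '''
class KeyTakeaways:
    """Extract key takeaways from medical documents."""

    def extract(self, text: str, max_points: int = 5) -> list[str]:
        lines = [l.strip() for l in text.splitlines() if l.strip()]
        return lines[:max_points]
'''

# Constructed stand-in for the SKILL.md Quick Start, again using only the
# names the scan says appear there.
SKILL_MD = '''
## Quick Start
Edit the CONFIG block in scripts/main.py, then:

    from main import Key_Takeaways
    kt = Key_Takeaways()
    result = kt.process(text)
    kt.export(result, "summary.md")
'''


def defined_names(source: str) -> dict[str, set[str]]:
    """Map each top-level class to its method names; module-level
    functions and assigned names go under the key "<module>"."""
    tree = ast.parse(source)
    names: dict[str, set[str]] = {"<module>": set()}
    for node in tree.body:
        if isinstance(node, ast.ClassDef):
            names[node.name] = {
                n.name for n in node.body
                if isinstance(n, (ast.FunctionDef, ast.AsyncFunctionDef))
            }
        elif isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
            names["<module>"].add(node.name)
        elif isinstance(node, ast.Assign):
            for target in node.targets:
                if isinstance(target, ast.Name):
                    names["<module>"].add(target.id)
    return names


def referenced_names(doc: str) -> tuple[set[str], set[str], set[str]]:
    """Heuristically pull (imported names, called methods, ALL_CAPS
    config-style identifiers) out of markdown text."""
    imports = set(re.findall(r"^\s*from\s+\S+\s+import\s+(\w+)", doc, re.M))
    methods = set(re.findall(r"\.(\w+)\s*\(", doc))
    config = set(re.findall(r"\b([A-Z][A-Z0-9_]{2,})\b", doc))
    return imports, methods, config


def audit(doc: str, source: str) -> list[str]:
    """Return one finding per documented identifier the code never defines.
    An empty list means the docs and the script agree on names."""
    defined = defined_names(source)
    imports, methods, config = referenced_names(doc)
    all_methods = set().union(*defined.values())
    findings: list[str] = []
    for name in sorted(imports):
        if name not in defined and name not in defined["<module>"]:
            findings.append(f"import of undefined name {name!r}")
    for method in sorted(methods):
        if method not in all_methods:
            findings.append(f"call to undefined method .{method}()")
    for const in sorted(config):
        if const not in defined["<module>"]:
            findings.append(f"reference to undefined constant {const!r}")
    return findings


if __name__ == "__main__":
    for finding in audit(SKILL_MD, MAIN_PY):
        print("MISMATCH:", finding)
```

Run it against the real skill by reading scripts/main.py and SKILL.md from the downloaded archive instead of the constructed strings. Any non-empty result is a reason to stop and reconcile the two files before an agent acts on the instructions; a clean result only proves the names line up, not that the code is safe, so the isolated run in step 1 still applies.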
latest: vk978rb5f7r9abp8m1ysr4gmfas83j9fn
