Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill advertises 'infer schema from JSON samples' but main.py contains no schema-inference logic: it only counts characters from an input file and can perform HTTP GET/POST when invoked with --url or --endpoint. Many CLI options (template, archive, target, data) are present but unused. Network features and extra args are not justified by the stated purpose.
Instruction Scope
SKILL.md instructs only CLI usage with an input file and explicitly promises no implicit operations, but the code supports making outbound HTTP requests and posting payload files if invoked with --url or --endpoint and --payload. Those network behaviors are not documented in SKILL.md, creating hidden scope/behavior that contradicts the documentation.
Install Mechanism
No install spec; it's an instruction-only skill with a small Python script. That minimizes install-time risk (nothing is downloaded or auto-installed).
Credentials
The skill declares no required environment variables or credentials (good), but the presence of --endpoint and --payload allows sending local file contents to arbitrary network endpoints. This provides an exfiltration channel not disclosed in the manifest or SKILL.md and is disproportionate to the simple 'schema drafting' purpose.
Persistence & Privilege
The skill does not request persistent presence (always is false), does not modify system or other skills, and does not store credentials. No elevated persistence privileges are requested.
What to consider before installing
This skill is inconsistent with its description. Before installing or running it: 1) be aware main.py does not perform schema inference — it only reports character counts and can perform HTTP GET/POST when run with --url or --endpoint and --payload. 2) The network options are not documented in SKILL.md and could be used to exfiltrate local file contents if invoked with those flags. 3) If you only need local schema drafting, either reject the skill or inspect and edit main.py to remove the --url/--endpoint code paths (or run it in an isolated sandbox without network access). 4) If you allow agent autonomy, ensure the agent cannot call the network-facing arguments; otherwise run the script manually with only --input and --output. 5) Ask the author for a corrected implementation that actually generates JSON Schema and for an explanation of why network operations are included.Like a lobster shell, security has layers — review code before you run it.
latestvk97fvjt2v3c40yryrja0pjex4s84dg5e
License
MIT-0
Free to use, modify, and redistribute. No attribution required.