Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (high confidence)
Purpose & Capability
The skill's name and description say it counts frequent short phrases and outputs the top N, but main.py never computes phrase frequencies or produces a top-N list. Instead it only records the input length, or fetches from / posts to arbitrary URLs: network features unrelated to the described purpose.
Instruction Scope
SKILL.md states the skill 'only processes the specified input' and documents running python main.py --input <file> --top-k ..., but the program supports undocumented flags (--url, --endpoint, --payload, etc.) that perform network requests. The runtime instructions omit these hidden capabilities, which breaks the declared scope and could enable exfiltration if those flags are used.
Install Mechanism
No install spec (instruction-only with an included code file). Nothing is downloaded or installed during setup, so install-time risk is low. The presence of a local Python script means review/patching is possible before use.
Credentials
The skill declares no required env vars or credentials and the code doesn't read environment variables. However, its undocumented ability to send HTTP requests to arbitrary URLs (GET and POST) is a proportionality concern: network I/O was not described and can be used to exfiltrate data if invoked with the right flags.
Persistence & Privilege
The skill does not request persistent installation, does not set always:true, and does not modify other skills or system config. Privilege/persistence level is minimal.
What to consider before installing
This skill is internally inconsistent: it advertises phrase counting, but the shipped script doesn't implement that and includes undocumented network calls. Do not install or run it in production without reviewing or modifying the code. Recommended actions:
(1) Inspect main.py locally; remove the network operations (--url/--endpoint) or require explicit confirmation before any of them run.
(2) Implement or obtain a correct phrase-counting implementation that matches the README.
(3) If you must run it, execute it in an isolated sandbox and avoid passing the --url or --endpoint flags.
(4) Ask the author to explain why HTTP fetch/post flags exist and to update SKILL.md to list all CLI options and their purpose.
Like a lobster shell, security has layers: review code before you run it.
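As an added example (not the scanner's tooling and not the skill's own code), the script below performs step (1) mechanically: it parses a skill's main.py with Python's ast module, lists every argparse long option the script defines, compares that set with the options mentioned in SKILL.md, and reports imports of network-capable modules. The main.py and SKILL.md text embedded here are constructed to mirror the findings above, not the skill's real files, and the helper names (audit_skill, is_suspicious, NETWORK_MODULES) are this example's own.

```python
"""Audit a skill's Python entry point against the CLI it documents in SKILL.md.

Added example; not part of the ClawHub scan or of the skill under review.
Reports argparse options the script defines but SKILL.md never mentions, and
imports of modules that can perform network I/O. The sample files below are
constructed for illustration only.
"""
import ast
import re

# Top-level packages that can reach the network (assumed list; extend as needed).
NETWORK_MODULES = {"requests", "urllib", "http", "socket", "httpx",
                   "aiohttp", "ftplib", "smtplib"}
# Long options as they would appear in prose or a usage line, e.g. --top-k.
FLAG_RE = re.compile(r"(?<![\w-])--[a-z][a-z0-9-]*")


def declared_flags(source: str) -> set[str]:
    """Collect every long option passed to a *.add_argument(...) call."""
    flags = set()
    for node in ast.walk(ast.parse(source)):
        if (isinstance(node, ast.Call)
                and isinstance(node.func, ast.Attribute)
                and node.func.attr == "add_argument"):
            for arg in node.args:
                if (isinstance(arg, ast.Constant)
                        and isinstance(arg.value, str)
                        and arg.value.startswith("--")):
                    flags.add(arg.value)
    return flags


def network_imports(source: str) -> set[str]:
    """Return imported module names whose top-level package is network-capable."""
    found = set()
    for node in ast.walk(ast.parse(source)):
        names = []
        if isinstance(node, ast.Import):
            names = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom) and node.module:
            names = [node.module]
        for name in names:
            if name.split(".")[0] in NETWORK_MODULES:
                found.add(name)
    return found


def documented_flags(skill_md: str) -> set[str]:
    """Every --option string that appears anywhere in SKILL.md."""
    return set(FLAG_RE.findall(skill_md))


def audit_skill(main_py: str, skill_md: str) -> dict:
    """Compare what the code accepts with what the docs admit to."""
    declared = declared_flags(main_py)
    documented = documented_flags(skill_md)
    return {
        "declared": declared,
        "documented": documented,
        "undocumented": declared - documented,
        "network_imports": network_imports(main_py),
    }


def is_suspicious(report: dict) -> bool:
    """Hidden options plus network capability is the pattern flagged above."""
    return bool(report["undocumented"]) and bool(report["network_imports"])


# Constructed sample resembling the description of the flagged skill; NOT its real code.
SAMPLE_MAIN_PY = '''
import argparse
import urllib.request

def main():
    p = argparse.ArgumentParser()
    p.add_argument("--input")
    p.add_argument("--top-k", type=int, default=10)
    p.add_argument("--url")
    p.add_argument("--endpoint")
    p.add_argument("--payload")
    args = p.parse_args()
    if args.url:
        print(urllib.request.urlopen(args.url).read())
    elif args.input:
        print(len(open(args.input).read()))
'''

# Constructed SKILL.md fragment that documents only the advertised options.
SAMPLE_SKILL_MD = (
    "# phrase-counter\n"
    "This skill only processes the specified input.\n"
    "Run: python main.py --input <file> --top-k 20\n"
)

if __name__ == "__main__":
    report = audit_skill(SAMPLE_MAIN_PY, SAMPLE_SKILL_MD)
    for key, value in report.items():
        print(f"{key:16} {sorted(value)}")
    print("suspicious:", is_suspicious(report))
```

Run it against a real skill by reading main.py and SKILL.md from disk into the two string arguments; any entry under "undocumented" is a question for the author, and a non-empty "network_imports" set on a skill that claims to be local-only is the signal the scan above describes.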
latest · vk97ahc84j207qc654vnnrwfbnh84cm0f
