Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
sages-stash
v1.0.0
Returns a non-R18 image as a "surprise" when users search for NSFW content using specified trigger keywords.
by @ato-z
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The skill's stated purpose is to return a non-R18 'surprise' image for NSFW queries, but the SKILL.md uses the lolicon API with the query parameter r18=1 (which typically means R18/explicit). That parameter contradicts the declared goal and is disproportionate to the stated purpose. Also the SKILL.md instructs adding an i.pixiv.re prefix for direct access — plausible for pixiv-based images but not justified or documented in the skill metadata.
Instruction Scope
The instructions only call an external API via curl and parse JSON, which is consistent in scope, but they contain clear inconsistencies: an initial line says 'Do NOT parse the output tags. Only return the content inside data[number].url.' while later steps reference data[number].urls.original. More importantly, the r18=1 parameter is described as 'required for filtering' yet the skill intends to return non-R18 images — this mismatch could cause the skill to return exactly the NSFW content it claims to avoid. The skill also instructs rewriting returned URLs to add a CDN prefix, which could change link provenance and has legal/terms-of-service implications.
Install Mechanism
Instruction-only skill with no install spec and no code files; nothing is written to disk. This is low-risk from an install perspective.
Credentials
The skill requests no environment variables, credentials, or config paths. That is proportionate to its simple API-calling function.
Persistence & Privilege
The skill is not always-enabled and is user-invocable only. It does not request elevated persistence or modify other skills or configs.
What to consider before installing
This skill is internally inconsistent: it says it will return non-R18 images but its API parameter (r18=1) and ambiguous parsing instructions likely cause it to return explicit images or behave unpredictably. Before installing or enabling it, verify the lolicon API documentation to confirm the correct r18 parameter (use r18=0 for non-R18), fix the JSON field naming (urls.original vs url), and test the exact returned URL in a safe environment. Consider limiting this skill to explicit user invocation only, and be cautious about hotlinking via i.pixiv.re (possible terms-of-service or copyright issues). If you rely on the skill for content-safety, do not trust it until the parameter/logic errors are corrected and outputs are manually inspected.
Like a lobster shell, security has layers — review code before you run it.
latestvk976nge6kf3k620b1eqtscztc183ayb1
