Software Copyright Cn
Security checks across malware telemetry and agentic risk
Overview
This skill is coherent for generating Chinese software copyright application PDFs, but it handles local source code and personal contact details that users should review carefully.
This skill appears suitable for its stated purpose. Before installing or using it, be aware that it processes your local source code and saves application details, including contact information, to files. Use a narrowly scoped source directory, inspect the generated PDFs and JSON, and avoid committing or sharing files that contain private code or personal data.
VirusTotal
66/66 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user points the command at the wrong directory, proprietary or unrelated source files could be included in the generated PDF.
The source-PDF generator recursively scans a user-supplied source directory for code files, which is expected for producing program identification materials but can read a broad project tree.
for f in sorted(src_path.rglob('*')): ... if f.is_file() and f.suffix.lower() in extensions:Run the script only on the intended source-code directory and review the generated PDF before using or sharing it.
The local configuration file may contain personal contact information and should not be committed, uploaded, or shared unintentionally.
The workflow persists real-name contact and address information in a local JSON file as part of the application-material generation process.
用户确认无误后,将全部信息保存为 `software_info.json` ... "contact": { "name": "...", "address": "...", "postal_code": "...", "phone": "..." }Store software_info.json in the intended project workspace only, exclude it from public repositories if it contains personal details, and delete it when no longer needed.