Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
杠精 Gangjing
v1.0.9用户说什么都要杠的技能。A contrarian review and red-team skill for product, architecture, and code decisions. 默认先做口头审查;只有在用户明确要求测试代码, 或对当前工作区代码做强断言时,才升级到代码攻击与实锤验证。
⭐ 0· 56·0 current·0 all-time
byBecker@blurooo
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description describe a contrarian review and red-team tool; required binaries (python/node) and the included attack/harness templates align with that purpose. No unexpected cloud credentials, system config paths, or unrelated binaries are requested.
Instruction Scope
SKILL.md instructs the agent to perform staged actions (verbal review by default; only escalate to generating attack_config.json, writing temporary harness files, and executing attacks on the current workspace when the user explicitly requests testing or makes a strong assertion). The instructions explicitly allow importing and executing target modules' top-level code and forking processes for isolation — behavior that is expected for a code-fuzzing/red-team tool but carries obvious risks if run against untrusted repositories or without user consent.
Install Mechanism
No install spec; instruction-only skill. Templates show how to create temporary harness files in the current workspace rather than downloading arbitrary archives — this is lower risk than pulling remote executables. No external URLs or downloads in the install path.
Credentials
The skill requires no environment variables or credentials. The requested permissions (access to current workspace files and ability to run local Python/Node) are proportionate to a tool that performs local code testing.
Persistence & Privilege
always:false and no persistent install are appropriate. However the skill's runtime behavior includes creating files in the workspace and executing local processes; combined with the platform's normal autonomous-invocation capability (disable-model-invocation:false), this increases the potential blast radius if the skill is triggered unexpectedly. The SKILL.md sets policy to avoid automatic code execution, but enforcement depends on the agent following those instructions.
Assessment
This skill appears to do what it says: a contrarian, red-team style reviewer that can also run local 'attack' harnesses against code in your current workspace. Before using it: (1) only allow it to run attacks when you explicitly request or after you review and approve the generated attack_config.json; (2) never run it against repositories you didn't trust — the harness will import and execute target modules, which can run arbitrary code; (3) prefer running attacks inside an isolated environment (container, VM, or throwaway ephemeral workspace) and review any temporary files it creates (e.g., .gangjing-tmp, attack_config.json, results.json); (4) be aware the skill can fork processes and run python/node commands locally — check outputs before sharing; (5) if you do not want any code execution, restrict the skill to conversational/analysis mode or disable autonomous invocation. If you want higher assurance, ask for a code review of the exact harness script that would be created and for explicit enforcement that the target path stays within a specified subdirectory.Like a lobster shell, security has layers — review code before you run it.
engineeringvk975nnk21dm5e3758hhw0ntam9846whjlatestvk975nnk21dm5e3758hhw0ntam9846whjpromptingvk975nnk21dm5e3758hhw0ntam9846whjred-teamvk975nnk21dm5e3758hhw0ntam9846whjzh-cnvk975nnk21dm5e3758hhw0ntam9846whj
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
Any binpython3, python, node