Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
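三体:文明的抉择 (Three-Body: Civilization's Choice)
v1.0.0 Horror Fright Night - an interactive horror-mystery "murder mystery script" game. Players go through a thrilling survival adventure in a snow-mountain inn, advancing the plot by investigating clues and making choices. Supports multiple endings, role-play, and a clue system. Suitable for interactive fiction, murder mystery scripts, text adventure games, and similar scenarios.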
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The skill's name/description are for a text-adventure game, yet the package includes hundreds of unrelated files (Feishu connectors, Gmail creds, service account JSON, publishing scripts, many other skills). Declaring 'instruction-only' with no required env vars is inconsistent with the repository contents. The presence of social/publishing integrations and stored credentials does not belong to a simple single-game skill.
Instruction Scope
The SKILL.md itself limits runtime actions to reading game reference files, but other workspace docs (AGENTS.md, SOUL.md, MEMORY.md, TOOLS.md, HEARTBEAT.md) instruct the agent to read long-term memory, user files, and to perform external actions without asking. Those instructions expand scope far beyond a standalone game and enable access to sensitive workspace data.
Install Mechanism
No install spec is declared (instruction-only), which usually lowers risk. However, this repository nonetheless contains many executable scripts and service files; absence of an install spec combined with many code files is inconsistent but does not itself execute code on install.
Credentials
The skill declares no required env vars, but multiple files contain credentials or references to secrets (gmail-credentials.json, service-account.json, FEISHU app id/secret, pasted API keys in MEMORY.md and TOOLS.md, cookies.json). A text-adventure game does not need these — their presence is disproportionate and suggests potential for credential exposure or misuse.
Persistence & Privilege
always:false (normal). However, AGENTS.md and other docs instruct the agent to autonomously read and update workspace memory files and to perform heartbeats and external actions. While autonomous invocation is the platform default, these embedded agent behaviors increase the blast radius if the skill is enabled, especially in combination with the other red flags.
Scan Findings in Context
[system-prompt-override] unexpected: The skill (in reference files like ch00_start.md and SKILL.md) contains strong 'system' style instructions about how the assistant must behave (strict execution principles). A game skill shouldn't attempt to override the model/system prompt or enforce global behavior; this is a prompt-injection pattern and is unexpected for the stated purpose.
[unicode-control-chars] unexpected: Unicode-control character patterns were detected in the SKILL.md content. These are often used to obfuscate or manipulate prompt parsing and are not needed for an interactive story skill.
What to consider before installing
Do not install this skill on a machine with sensitive data or live credentials yet.
Specific concerns:
(1) The package includes many unrelated scripts and integration code (Feishu, Gmail, publishing) and files containing API keys/credentials (gmail-credentials.json, service-account.json, cookies.json, API keys pasted in MEMORY.md).
(2) AGENTS.md and other workspace docs direct the assistant to read long-term memory and user files without asking; this is scope creep from a simple game.
(3) The SKILL.md/references include prompt-injection-like system instructions and potential obfuscation.
Actions to take before proceeding:
- Ask the publisher for provenance (source/homepage/owner) and why so many unrelated files are bundled. Do not proceed if owner is unknown/untrusted.
- Inspect the repository for secrets: search for 'API_KEY', 'SECRET', 'password', '.env', 'service-account.json', 'gmail-credentials.json', 'cookies.json' and remove or rotate any exposed credentials.
- Run the skill in an isolated sandbox/VM with no access to your real workspace, network-restricted if possible.
- If you only want the game, extract SKILL.md and the references/ game files into a clean directory and remove unrelated files; verify no scripts will be executed.
- If you plan to allow autonomous actions, require explicit, minimal env vars and a clear install script from a trusted source; never grant broad file-system access.
If you want, I can list the exact files that contain apparent credentials and the lines to inspect/rotate.
skills/tavily-search/scripts/extract.mjs:18
Environment variable access combined with network send.
skills/tavily-search/scripts/search.mjs:42
Environment variable access combined with network send.
xiaohongshu-mcp/examples/n8n/自动发布笔记到小红书.json:23
Install source points to URL shortener or raw IP.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
Like a lobster shell, security has layers — review code before you run it.
