ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Nlp

v3.4.2

Process text with NLP. Use when tokenizing, analyzing sentiment, extracting entities, summarizing documents, or measuring similarity.

0· 349·0 current·0 all-time
bybytesagain4@xueyetianya
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (NLP tasks) align with the included script and documented commands (tokenize, sentiment, extract, summarize, similarity, classify). There are no unrelated environment variables, binaries, or install steps requested.
Instruction Scope
SKILL.md instructs the agent to run the bundled bash script on local input or files and documents accepted flags and I/O methods. The script reads only user-provided input or files; there are no instructions to collect system-wide files, credentials, or to send data externally.
Install Mechanism
No install spec is provided (instruction-only plus a bundled script). Nothing is downloaded or extracted at install time; the single script runs locally. This is the lowest-risk install profile.
Credentials
The skill requests no environment variables or credentials. Its functional needs (bash 4+, grep -P, awk) are documented in SKILL.md and are proportionate to the described functionality.
Persistence & Privilege
always is false and the skill is user-invocable. The script declares itself stateless and does not modify agent/system configuration or other skills. It does not request persistent presence.
Assessment
This skill appears coherent and runs a local Bash script that processes only input you provide. Before installing/using: (1) verify your environment has Bash 4+, grep with -P support, and awk (the script requires these), (2) run the script on non-sensitive sample text first to confirm behavior, and (3) review the full script contents yourself if you will run it on sensitive data — while no network or credential use is present, executing any third-party script has inherent risk. If you need macOS compatibility, note that the default BSD grep may lack -P (Perl regex); consider installing GNU grep or testing functionality first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f34kdsf4h17kbkfx9ka1vtd835txk

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments