Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
llm-benchmark-analyst
v1.0.0search and analyze llm benchmark results within a fixed benchmark universe, then produce evidence-based model strength and weakness reports or domain-leader...
⭐ 0· 208·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name, description, and bundled reference files align: the skill's goal is structured benchmark search and reporting; it restricts scope to the provided references and doesn't request unrelated credentials or system access. The instruction-only design (no binaries, no env vars, no installs) is proportionate to the stated purpose.
Instruction Scope
SKILL.md instructs the agent to browse web pages and perform multimodal extraction (text/image/canvas). That is functionally coherent, but the static scan flagged 'unicode-control-chars' in the SKILL.md (a prompt-injection pattern). Unicode control characters can hide or obfuscate instructions and may be used to manipulate or subvert the evaluation or runtime behavior. Inspect the raw SKILL.md for hidden control characters and verify that no hidden directives or altered text exist.
Install Mechanism
No install spec and no code files beyond reference docs — lowest install risk. Nothing is downloaded or written to disk by the package itself.
Credentials
The skill declares no required environment variables, credentials, or config paths. Its needs (web browsing, multimodal extraction) are reasonable for the described functionality and do not demand secrets or broad system access.
Persistence & Privilege
always:false and default autonomous invocation are set (normal). Because the skill can be invoked autonomously and instructs web crawling and image extraction, it can perform network retrievals during runs — this is expected for a research/reporting skill but increases the operational blast radius if the skill contained hidden or malicious instructions. Combine this with the prompt-injection signal when deciding whether to enable autonomous runs.
Scan Findings in Context
[unicode-control-chars] unexpected: The SKILL.md contains Unicode control characters. These are not required for legitimate benchmark-reporting instructions and can be used to obfuscate or alter visible text (a prompt-injection pattern). Manual review of the raw file for hidden characters and any obscured directives is recommended before use.
What to consider before installing
This skill appears to do what it claims (search benchmark leaderboards and produce evidence-based reports) and is low-risk in terms of missing installs or credential requests. However: 1) the SKILL.md was flagged for unicode control characters — open the SKILL.md in a raw/text editor that shows hidden/control chars and verify there are no hidden or altered instructions; 2) confirm the skill's source/owner before installing (no homepage provided); 3) because it relies on web browsing and image extraction, avoid running it with access to sensitive accounts or data until you trust it; 4) if you allow autonomous invocation, prefer testing it first interactively with harmless queries and monitor the agent's external requests; 5) check referenced URLs in the references/ files manually — many external links are present and the skill will instruct browsing to those sites, so ensure that aligns with your policies. If you want, I can highlight any non-ASCII/control characters in the SKILL.md or produce a cleaned, visible-only version for review.Like a lobster shell, security has layers — review code before you run it.
latestvk9746zgdjj7ht7t94bkmkzq5mx82xe7c
License
MIT-0
Free to use, modify, and redistribute. No attribution required.