ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

French Learning

v1.0.0

French vocab automation. Formats Excel vocab to Google Sheet, generates ElevenLabs audio, uploads to Drive. Triggers: process french vocab, generate audio, F...

0· 47·0 current·0 all-time
by@clairproqc-star
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description, required binaries (gog, gemini, sag) and required env vars (GEMINI_API_KEY, ELEVENLABS_API_KEY) align with the code: scripts read Google Sheets via 'gog', call Gemini for translations, use 'sag' to generate ElevenLabs audio, and upload to Drive. The files implement the described functionality.
Instruction Scope
Runtime instructions and scripts stay within the declared feature set (read source sheet, call Gemini, update target sheet, generate audio with sag, upload to Drive). However, scripts read/write /tmp files and one script (scripts/fix_update.py) constructs and runs a shell command with shell=True that injects the file contents via $(cat ...). If an attacker or another process can control that temp file, this could lead to command injection. Also the skill will upload generated audio into a Google Drive folder (requires Drive access).
Install Mechanism
This is an instruction-only skill with included scripts and no install spec — nothing is downloaded or installed by the skill itself. The risk surface is limited to executing the provided scripts and the external CLIs they call.
!
Credentials
The declared environment variables (GEMINI_API_KEY, ELEVENLABS_API_KEY) are appropriate for the LLM and TTS usage. However, the scripts rely heavily on the 'gog' CLI for Google Sheets/Drive access but the skill does not declare or request any Google credentials, service-account keys, or config paths. That omission is a coherence gap: a user must ensure gog is authenticated (likely with Google OAuth or a service account) before running. Also treat API keys as sensitive — the skill will use them to make network requests to external services.
Persistence & Privilege
The skill is not persistent (always:false), is user-invocable, and does not modify other skills or system-wide configs. It only runs the included scripts and external CLIs when invoked.
Scan Findings in Context
[static-scan-none] expected: No regex-based findings were detected by the static scanner. This does not remove the runtime concerns noted above (shell=True usage, missing declared Google auth).
What to consider before installing
Before installing or running this skill: - Verify gog, gemini, and sag are the exact CLIs you expect and are installed from trusted sources. CLI supply-chain risk is real. - Confirm how your machine is authenticated to Google (gog). The skill will read and write Google Sheets and upload files to Drive; the repository does not declare the Google credentials/config required — ensure you only grant a least-privilege account or folder access, not broad account access. - Protect API keys: GEMINI_API_KEY and ELEVENLABS_API_KEY are required; treat them as secrets and avoid exposing them to shared environments. - Review and harden scripts: replace the shell=True pattern in scripts/fix_update.py (which injects /tmp/french_learning_output_data.json via a shell substitution) with a safe non-shell subprocess call that reads the file directly or passes JSON as an argument. The current pattern could allow command injection if an attacker can control the temp file. - Consider running first in a sandbox or with a restricted Google service account that only has write access to the intended Sheet/Drive folder, and audit the folder after a test run. - If you do not want the skill to upload to your Drive, do not provide the Drive Folder ID or run the generate_audio script until you have validated outputs locally. If you want, I can point out the exact lines to change to eliminate the shell invocation and make the scripts safer.

Like a lobster shell, security has layers — review code before you run it.

latestvk97esa0fx6wfyc38g8sdy3n1ss83jq0k

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🇫🇷 Clawdis
Binssag, gog, gemini
EnvGEMINI_API_KEY, ELEVENLABS_API_KEY
Primary envGEMINI_API_KEY

Comments