ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OPC Pattern Recognition

v2.2.0

Analyzes user work rhythms, decision styles, help-seeking, and growth to provide personalized behavioral insights, predictions, and actionable recommendations.

0· 52·1 current·1 all-time
by@coidea
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name, SKILL.md, and the included scripts consistently describe behavioral pattern analysis of journal data — that purpose matches the code which reads a local journal.db and computes rhythms, anomalies, and trends. However, the scripts import modules under src.* (e.g., src.journal.core, src.patterns.analyzer, src.utils.logging) which are not included in the package manifest; this means the skill cannot run standalone and depends on external code that is not declared. The repeated sys.path insertion that walks up multiple parent directories is unusual and could cause the runtime to import unexpected modules from the host filesystem.
Instruction Scope
SKILL.md instructs use of tools like memory_search, read, and write and describes local-first privacy practices. The code's actual behavior aligns with reading local journal storage and writing pattern files. Mismatches: SKILL.md discusses 'similar_customers' comparisons and anonymized sharing, but the visible code does not show any network or aggregation logic to perform cross-customer comparisons or de-anonymization safeguards. Also, the code expects and will read customers/{customer_id}/journal/journal.db and create files under customers/{customer_id}/patterns — so it accesses local data and writes persistent analysis artifacts, which is expected but important to note.
Install Mechanism
There is no install spec (instruction-only install) and no external download URLs — low install risk. That said, because the package is incomplete (missing src modules), a user or integrator may attempt to satisfy dependencies by placing this repo inside a larger project or altering sys.path, which is what the scripts' sys.path manipulation appears designed to support; this raises the risk that the code will import unexpected modules from arbitrary locations if deployed carelessly.
Credentials
The skill requests no environment variables or cloud credentials and operates on local paths derived from the customer_id. That is proportionate to its stated purpose of local journal analysis. However, the SKILL.md's configuration options (e.g., similar_customers enabled) imply potential sharing or comparison with other customers; because no sharing implementation is visible, any networked sharing behavior (if added elsewhere) should be explicitly declared and gated by credentials/consent.
Persistence & Privilege
The skill writes configuration and pattern files into a per-customer storage directory (customers/{customer_id}/patterns) and reads customers/{customer_id}/journal/journal.db. It does not request always:true or try to modify other skills' configs. Writing its own data under a customer-scoped path is expected for this functionality, but you should verify the target path before running to avoid accidental overwrites of unrelated files.
What to consider before installing
What to consider before installing/running this skill: - Missing dependencies: The scripts import from src.* modules which are not included. Do not run this on real journal data until you can review or supply the referenced src package code. Running it without knowing what those imports do is risky. - sys.path manipulation: The scripts repeatedly insert a parent path into sys.path (walking up multiple directories). That can cause Python to import code from unrelated directories on the host. Ensure the runtime environment is controlled (run in an isolated virtualenv/container) and inspect which modules would be imported at that path. - Local data access and writes: The skill reads customers/{customer_id}/journal/journal.db and writes patterns/config JSON under customers/{customer_id}/patterns. Confirm those paths are correct and point only to intended data; back up any important files first. - Privacy & sharing: SKILL.md mentions anonymized comparisons and sharing patterns, but the visible code does not implement networked sharing. Treat any mention of cross-customer comparisons as a policy note — if you later enable sharing, require explicit consent and review network code. - Test with synthetic data: Before running on real personal or sensitive journals, test in a sandbox with synthetic entries to confirm behavior and to see what files get created. - Audit missing modules: Request or inspect the src.* modules (JournalManager, PatternStore, analyzer classes, logging utils) to ensure there is no hidden network exfiltration or access to credentials. If you cannot inspect them, avoid using the skill on sensitive data. If you want, I can list the exact code locations that need review (the src.* modules and the filesystem path logic) and suggest how to run the package safely in an isolated environment.

Like a lobster shell, security has layers — review code before you run it.

and decision styles. Identifies peak productivity hoursvk97bqq2xh94ps7egzbyp97vz6983nfeabehavioral patternsvk97bqq2xh94ps7egzbyp97vz6983nfeacommon blockersvk97bqq2xh94ps7egzbyp97vz6983nfeagrowth trajectoryvk97bqq2xh94ps7egzbyp97vz6983nfealatestvk97bqq2xh94ps7egzbyp97vz6983nfeaoptimize workflowvk97bqq2xh94ps7egzbyp97vz6983nfeawork habitsvk97bqq2xh94ps7egzbyp97vz6983nfea

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments