ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Calculus Concept Visualizer

v1.0.0

基于多表征理论和动态可视化的微积分概念理解助手,专门解决ε-δ定义、导数本质、积分思想等核心难点的理解困难。 通过 GeoGebra 交互演示、认知诊断、即时检测,实现从具体直观到抽象形式化的渐进式学习。

0· 45·0 current·0 all-time
bymath@daigxok
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (calculus visualization, ε-δ, derivative, integrals) match the provided code and templates: GeoGebra config generator, interactive plotting, misconception detector, quiz generator and step builder. The included Python tools and prompts are coherent with the stated educational goals.
!
Instruction Scope
SKILL.md declares allowed-tools (Bash, Python, FileWrite) and calls the local Python tools to generate visuals and quizzes — that's expected. However the instructions and tool implementations include automatic file operations (auto_save_visualizations = true in hermes.config.yaml) and several places where user-supplied mathematical expressions are passed to eval(), allowing arbitrary Python execution if an attacker or malformed input supplies code. The skill also embeds prompts and templates (system/prompts) which include a pre-scan 'unicode-control-chars' prompt-injection signal. The SKILL.md requests OPENCLAW_SKILLS_PATH (requires-env) while the registry metadata lists no required env vars — an inconsistency.
Install Mechanism
No install spec in registry (no packaged install), README suggests installing via OpenClaw CLI and Python deps via pip; requirements.txt exists and lists numpy/matplotlib/plotly/sympy/pandas/pytest but code imports scipy in plot_interactive while scipy is not listed — dependency mismatch. There are no remote download URLs or archives in the install flow, which reduces supply-chain risk, but missing declared deps and manual install instructions mean the runtime environment could differ from what's expected.
!
Credentials
Registry metadata reports no required environment variables, but SKILL.md's frontmatter lists requires-env: OPENCLAW_SKILLS_PATH (inconsistency). No cloud credentials are requested — good. Hermes config references a model provider (deepseek) but no API key variables are declared. Overall no excessive credentials requested, but the mismatch in declared env vars and the skill's configuration should be resolved before trusting runtime behavior.
Persistence & Privilege
always:false (not forced globally) and model invocation is allowed (normal). The skill's hermes.config enables auto_save_visualizations and file_operations capability which cause files/images to be written to disk automatically; this is reasonable for a visualization tool but increases persistence footprint and may write files into the agent's working directories (verify target path). The skill does not request modification of other skills' configs.
Scan Findings in Context
[unicode-control-chars] unexpected: SKILL.md contained prompt-injection indicators (unicode control characters). This is not expected for an education visualization skill and could be an attempt to influence agent parsing; inspect the SKILL.md raw content and sanitize before use.
What to consider before installing
This skill appears to do what it says (generate GeoGebra configs, plots, quizzes and diagnose misconceptions), but several red flags mean you should not install it into a production or privileged environment without review: - Review the code before running. Several modules (plot_interactive.py and others) use Python's eval() on strings that originate from user input or templates; that enables arbitrary code execution if a malicious string is passed. Consider replacing eval with a safe math parser (e.g., sympy parsing + lambdify) or strict sanitization. - Run it in an isolated/sandboxed environment first (container or VM) and inspect what files it writes. hermes.config.yaml sets auto_save_visualizations and the skill uses FileWrite — ensure outputs cannot overwrite sensitive files and that saved paths are limited to a safe directory. - Fix dependency/declaration mismatches: requirements.txt does not list scipy but the plotting code imports it; SKILL.md lists OPENCLAW_SKILLS_PATH while registry metadata shows none. Ensure the runtime environment supplies the actual dependencies and declared env vars. - Inspect SKILL.md and prompt templates for hidden control characters or prompt-injection content (scanner flagged unicode-control-chars). Remove or normalize unexpected unicode controls. - If you accept the risk, run the provided tests (tests/test_skill.py) in an offline sandbox to verify behavior. If you maintain the skill, remove or guard all eval calls and validate/parse mathematical expressions safely. If you are not comfortable auditing Python code, prefer not to install this skill or request a reviewed/official release with sanitized parsing and corrected metadata.
tools/plot_interactive.py:55
Dynamic code execution detected.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk979ekr4khx4yyqkmf01113wq984gtfn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments