ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Validation Rules Builder

v2.1.0

Build validation rules for construction data. Create RegEx and logic-based validation for BIM elements, cost codes, and schedule data.

0· 1.1k·1 current·1 all-time
by@datadrivenconstruction
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the content of SKILL.md and instructions.md: the skill builds regex and logic-based validation rules for construction/BIM/cost/schedule data. Declaring python3 as a required binary and filesystem permission is consistent with the included Python examples and the skill's intent to accept and process user-provided files (CSV/Excel/JSON).
Instruction Scope
The SKILL.md and instructions.md focus on accepting user data, building/validating rules, and returning structured results. There are no instructions to read unrelated system files, access environment secrets, call external endpoints, or exfiltrate data. The instructions explicitly constrain processing to user-provided or skill-referenced data.
Install Mechanism
There is no install specification and no code files to execute; this is an instruction-only skill. That is the lowest-risk install model and consistent with the provided documentation and examples.
Credentials
The skill declares no environment variables, no credentials, and no config paths. The claw.json manifest lists filesystem permission, which is proportionate because the skill accepts file paths and processes user-supplied files. No unrelated credentials or broad environment access are requested.
Persistence & Privilege
always is false and the skill is user-invocable; model invocation is not disabled (normal). The skill does not request permanent presence, nor does it ask to modify other skills or system-wide settings.
Assessment
This skill appears to do what it says: build and apply validation rules to user-provided construction data. Before installing or running: (1) confirm you only supply non-sensitive project files (do not upload credentials, private keys, or unrelated system files); (2) review the Python examples locally if you plan to execute any code snippets—there are no packaged binaries or installs, so running sample code will happen in your environment; (3) verify the publisher/site (homepage provided) if you need vendor provenance; and (4) if you want stronger isolation, run processing in a sandbox or throwaway environment since the skill expects filesystem access to read user files.

Like a lobster shell, security has layers — review code before you run it.

latestvk97akec471m4vzaev7nvje08hx817dbb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

✔️ Clawdis
OSmacOS · Linux · Windows
Binspython3

Comments