ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

DaoReview

v1.0.0

文档审核评分工具。当用户要求"审核文档"、"检查文档"、"给文档打分"、"评估文档"、"分析文档"、或上传 .docx/.txt/.md 文件进行审查时触发。执行文档内容分析,从结构完整性、内容质量、格式规范、逻辑性等维度给出评分和改进建议。

0· 56·0 current·0 all-time
by@douglasliu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name/description (document auditing for .docx/.txt/.md) aligns with the SKILL.md content. However, the instructions explicitly call external binaries (pandoc, docx2txt, unzip, sed, cat) while the skill metadata lists no required binaries — a mismatch that should be clarified.
!
Instruction Scope
The SKILL.md instructs the agent to run shell commands that read files from arbitrary paths (e.g., pandoc "path" -t plain, unzip -p ...). That is coherent with processing uploaded documents, but it also permits reading any filesystem path the agent is given, and uses shell pipelines (sed, unzip) that could be abused if inputs/paths are not strictly constrained or sanitized. The instructions do not explicitly limit processing to user-supplied uploads or warn about path sanitization.
Install Mechanism
Instruction-only skill with no install spec — lowest install risk. Nothing is written to disk by an install step. The remaining risk is runtime (shell command execution), not installation.
Credentials
No environment variables, credentials, or config paths are requested — which is proportionate for a document-review tool.
Persistence & Privilege
The skill is not marked 'always' and does not request elevated/persistent privileges. It can be invoked by the agent (default), which is expected for skills of this type.
What to consider before installing
This skill appears to do what it says (review documents and output a scored report) but it expects to run shell tools to extract text and will read files at paths you provide. Before installing or enabling it: 1) Confirm whether your agent runtime has pandoc, docx2txt, unzip, sed, and cat available — the SKILL.md references these but the skill metadata doesn't declare them. 2) Ensure the agent is sandboxed and will only process files you explicitly upload (prevent it from being given arbitrary system paths). 3) Prefer a version that declares required binaries or provide a wrapper that sanitizes/validates file paths and filenames to avoid path-injection. 4) Avoid uploading sensitive documents (PII, secrets) until you trust the runtime environment. If you need higher assurance, ask the publisher for source code or a manifest that declares required binaries and explains how inputs are constrained.

Like a lobster shell, security has layers — review code before you run it.

latestvk974dxj0c1a2c0w01rnsqtzzhd83x65d

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments