Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Generate Mindmap
v1.0.2 · Generate interactive mind maps; supports building a hierarchical structure from text or summaries, and directly outputs HTML, PNG, JPG, SVG, PDF and XMind formats. All image formats require only pillow (pip install pillow), with no system-level C libraries needed. Invoke when the user asks to generate a mind map, brain map, or visual structure diagram.
by @ftois
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name and description ask for mind-map generation, and the package includes a Python script that produces HTML/PNG/JPG/SVG/PDF/XMind output. Requiring python3 and Pillow is reasonable and proportional to the described functionality. Writing outputs to ~/.openclaw/workspace is consistent with a user-facing exporter.
Instruction Scope
SKILL.md instructs the agent to run the included Python script with JSON input and to produce files (HTML/PNG/XMind) in the user's workspace — this matches purpose. However SKILL.md contains detected unicode-control-chars (potential prompt-injection/obfuscation signal) and explicitly instructs auto-installing Pillow; the doc also contains hard rules (emoji requirements) that the script enforces. No instructions request unrelated files, credentials, or external endpoints besides pip.
Install Mechanism
There is no declared install spec, but the script will attempt to auto-install Pillow at runtime via a subprocess call to pip. That pip invocation includes the '--break-system-packages' flag (with output suppressed), which can alter system-managed Python installations on some platforms; this is potentially disruptive. The install is sourced from PyPI via pip, not from an arbitrary URL, but automatic runtime installation without explicit user consent is a notable risk.
Credentials
The skill requests no credentials or special config paths. It creates files under the user's home (~/.openclaw/workspace) which is expected. There is no evidence of access to unrelated environment variables or secrets.
Persistence & Privilege
Skill is user-invocable and not always-enabled. It writes output files and may create the ~/.openclaw/workspace directory — expected for an exporter. The main privilege concern is the script's ability to install Python packages at runtime (modify system/site environment), but it does not request persistent platform-level privileges or modify other skills/configs.
Scan Findings in Context
[unicode-control-chars] unexpected: Control/unicode-hidden characters were detected in SKILL.md. These are not needed for a mindmap generator and could be an attempt to obfuscate or manipulate agents/readers; inspect SKILL.md raw before trusting it.
What to consider before installing
What to consider before installing or running this skill:
- The functionality (generating interactive HTML and image/XMind exports) matches the code provided — that part appears coherent.
- The included script will attempt to auto-install Pillow by invoking pip at runtime and uses the '--break-system-packages' flag in one install path; this can modify system-managed Python packages on some OSes. Prefer to manually install Pillow in an isolated environment (virtualenv/venv) rather than letting the script auto-install.
- The SKILL.md contains hidden unicode control characters (prompt-injection signal). Review the SKILL.md and generate_mindmap.py source in a text editor that can show invisible characters; be cautious about any appended/hidden instructions.
- Run the script in an isolated environment (non-root user, virtualenv or disposable VM/container) and inspect the full source for any network calls or subprocess invocations beyond pip before granting broader trust.
- If you accept the skill, avoid running it as root. If you want to be extra safe, extract only the HTML generation parts or remove the auto-install code path before use.
- If you need higher assurance, request the skill publisher/source or a signed/hosted release from a trustworthy repo; absence of a homepage/source increases uncertainty.
Like a lobster shell, security has layers — review code before you run it.
latest · vk97bnavtwdvv0nq6vhp0syf6sh83941s
Runtime requirements
Bins: python3
