Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

TRPG Session

v1.0.0

Set up and run TRPG (tabletop RPG) campaigns using OpenClaw multi-agent framework. Creates DM and PC agents with independent personalities, memories, and rul...

by Leon Ge (@gejiliang)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description match the provided SKILL.md, templates, and references. Creating campaign workspaces (~/.openclaw/trpg/...), SOUL.md for DM/PC, session logs, and rule references is coherent with a TRPG session manager. Mentions of vector DB and Discord/Feishu integration are expected capabilities for indexing and multiplayer channels.
Instruction Scope
The SKILL.md contains explicit systemPrompt examples and YAML that tell the platform how to construct agent system prompts and behavior. The pre-scan flagged a 'system-prompt-override' pattern. While templates are normal for agent configuration, these same constructs can be used to inject or override system-level instructions (prompt injection). The doc also suggests optional external components (lancedb-pro vector DB) and describes writing/reading files under the user's home — both legitimate but worth auditing. The instructions do not request credentials but imply use of channel connectors (Discord/Feishu) without describing how credentials are handled.
Install Mechanism
Instruction-only skill with no install spec and no code files. Nothing will be downloaded or written by an installer beyond what the operator creates per the workflow, which is lower risk than arbitrary installs.
Credentials
The skill declares no required environment variables or credentials, which is consistent with being instruction-only. However, it presumes integration with Discord/Feishu channels and optionally a vector DB plugin (lancedb-pro). Those integrations typically require tokens/config not declared here — ensure platform-level connectors supply them and the skill is not asking users to paste secrets into SOUL or config files.
Persistence & Privilege
always:false and no cross-skill config modification. The only persistent action described is creating campaign files under ~/.openclaw/trpg/, which is reasonable for session data and agent workspaces. The skill does not request to run always or modify other skills.
Scan Findings in Context
[system-prompt-override] unexpected: The SKILL.md includes systemPrompt templates (YAML) to be written into agent configs. That is expected for an agent-template skill, but the pattern detector flagged it because such content can be used to override model/system prompts — a common vector for prompt injection. Recommend manual review of any systemPrompt/SOUL.md content before deployment.
What to consider before installing
This package appears to be a legitimate TRPG session framework, but exercise caution before enabling it widely. What to do before installing:
- Manually inspect any systemPrompt and SOUL.md files you create or the templates provided; do not copy untrusted system-level instructions verbatim. System prompts can change agent behavior at a foundational level.
- Ensure Discord/Feishu integration is handled by your platform (connectors) and not by pasting bot tokens into campaign files. Never store secrets in public campaign files.
- If you enable vector DB (lancedb-pro) for indexing, understand where embeddings and texts are stored and who can access them; sensitive campaign secrets or private player info should be excluded or encrypted.
- Run the skill in a sandbox or a single test campaign first, with limited agent permissions and no sensitive data, to observe behavior (especially dice-rolling, private/secret logs, and how 'private' DM notes are handled).
- If you allow autonomous invocation, consider restricting the agents' channel triggers (mentionOnly) and auditing generated session files regularly.
If you want, I can highlight exact lines in the SKILL.md and templates that are highest risk and suggest safer alternatives for system prompts and secret handling.
SKILL.md:52: Prompt-injection style instruction pattern detected.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.

Like a lobster shell, security has layers — review code before you run it.
