ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

AI-Friendly Structured Writer

v1.0.0

Format any content into AI-readable structured formats that maximize citation probability. Converts unstructured text into GEO-optimized layouts using header...

0· 359·0 current·0 all-time
byGEOLY AI@geoly-geo
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The declared purpose (convert unstructured text into GEO-optimized layouts, add FAQs, tables, compute scores, produce an output report) aligns with a local formatting tool. However, the provided implementation is minimal: the Python script only reads an input file, lightly copies content, and appends a two-question FAQ. It does not implement many of the advertised features (no scoring, no automated header insertion, no table conversion, FAQ minimum is 3 in docs but script appends 2). This is a functional mismatch but not a security concern.
Instruction Scope
SKILL.md instructs running the included script on a local input file and describes expected output format. The script only reads the specified --input file and writes to --output (or stdout). It does not reference other files, env vars, system paths, or external endpoints. The scope is appropriately limited, but the runtime behavior is significantly less capable than the instructions claim.
Install Mechanism
No install spec is present (instruction-only with an included script). Nothing will be downloaded or written to system paths by an installer. Risk from installation actions is minimal.
Credentials
The skill requires no environment variables, credentials, or config paths. This is proportionate for a local formatting tool and there are no unexpected credential requests.
Persistence & Privilege
always:false (default) and no special persistence is requested. The skill can be invoked by the agent normally, which is expected for a user-invocable tool, and it does not modify other skills or system-wide settings.
Assessment
This skill appears benign and self-contained: it reads a local input file and outputs a formatted file or stdout, and it requests no credentials or network access. However, the actual implementation is very small and does not implement many of the features promised in SKILL.md (scoring, automated header insertion, table conversions, and the FAQ minimum of 3 questions). Before relying on it in production: (1) review the scripts/structure_content.py source (it's short and readable) and test with non-sensitive sample content, (2) expect limited functionality unless you or the author extend the script, and (3) if you need the full advertised behavior, request or implement enhancements rather than assuming they exist. Autonomous agent invocation is allowed by default but poses little risk here because the skill has no network/credential access.

Like a lobster shell, security has layers — review code before you run it.

formattingvk97eg37brb3xf4tv8n4h1k2af1821c9zgeovk97eg37brb3xf4tv8n4h1k2af1821c9zlatestvk97eg37brb3xf4tv8n4h1k2af1821c9zstructurevk97eg37brb3xf4tv8n4h1k2af1821c9zwritingvk97eg37brb3xf4tv8n4h1k2af1821c9z

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments