ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

MLOps Prototyping CN

v1.0.0

Structured Jupyter notebook prototyping with pipeline integrity

0· 560·0 current·0 all-time
byGuohongbin@guohongbin-git
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included assets: SKILL.md documents a notebook-check workflow and the repo includes a small script (scripts/check-notebook.sh) that implements the check. No unrelated credentials, services, or installers are requested.
Instruction Scope
Runtime instructions only run a local shell script that opens the provided .ipynb and inspects cells. The script does not call external endpoints or read other filesystem paths, but it relies on python3 (not declared in metadata). The heuristics are simplistic (e.g., treating any digit in code as a 'magic number' unless RANDOM_STATE appears), and the outer shell prints a success message unconditionally after the Python block which may be misleading. No data exfiltration or broad system access is performed.
Install Mechanism
No install spec; instruction-only plus a small shipped script. Nothing is downloaded or extracted from remote URLs.
Credentials
No environment variables, credentials, or config paths are requested. The script only needs a local notebook file and a python3 runtime.
Persistence & Privilege
Skill does not request persistent/always-on presence, does not modify other skills or system settings, and contains no agents or background components.
Assessment
This skill appears coherent and low-risk: it runs a local script that reads a notebook file and prints checks. Before installing/running: (1) ensure python3 is available on the machine, (2) review scripts/check-notebook.sh yourself if you want to confirm behavior, (3) run it on non-sensitive copies of notebooks until you are comfortable with its heuristic false positives (its 'magic number' and import-detection heuristics are simplistic), and (4) be aware the wrapper prints a final 'Notebook check complete' message even when the internal check failed, so rely on the script's exit code rather than that message for CI gating.

Like a lobster shell, security has layers — review code before you run it.

chinesevk979tg067qxtf2wwqcmns6rh2s81eehxlatestvk979tg067qxtf2wwqcmns6rh2s81eehxmlopsvk979tg067qxtf2wwqcmns6rh2s81eehx

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments