ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Break Even Analysis Calculator

v1.0.0

Provides break-even analysis frameworks, structured insights, actionable recommendations, and next-step checklists without executing code or financial transa...

0· 83·1 current·1 all-time
byhaidong@harrylabsj

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for harrylabsj/break-even-analysis-calculator.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Break Even Analysis Calculator" (harrylabsj/break-even-analysis-calculator) from ClawHub.
Skill page: https://clawhub.ai/harrylabsj/break-even-analysis-calculator
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install break-even-analysis-calculator

ClawHub CLI

Package manager switcher

npx clawhub@latest install break-even-analysis-calculator
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (break-even frameworks, descriptive) aligns with the code and tests which generate JSON recommendations and templates. Nothing in the manifest requests unrelated credentials or binaries.
!
Instruction Scope
SKILL.md asserts 'No real code execution' and 'No external API calls', yet the package contains an executable handler.py that will be run when the skill is invoked (the tests call handle()). The handler itself is simple, only parses input strings and returns JSON; it does not access files, environment variables, network, or external endpoints. The inconsistency is that the skill claims no code execution while providing runnable code — this mismatch is the primary concern.
Install Mechanism
No install spec. Instruction-only install and local code files only; nothing is downloaded from external URLs or installed globally. Lowest-risk install mechanism.
Credentials
No required environment variables, no credentials, and the code does not read env vars or config paths. The requested access is proportional to the stated purpose.
Persistence & Privilege
always:false and normal autonomous invocation settings. The skill does not request persistent presence or system-level configuration changes.
What to consider before installing
This skill appears to implement a simple, local break-even analysis generator and does not request credentials or network access — that part is benign. However, SKILL.md explicitly says 'No real code execution' while the package includes an executable handler.py and test code that will run locally when the skill is invoked. If you expect a purely instruction-only, non-executable skill, this is inconsistent. Recommendations: - Inspect handler.py yourself (you can; it’s short) or run it in a sandbox to confirm behavior. - Ensure the runtime enforces no outbound network access if you want to guarantee 'no external API calls'. - If you need strict assurance of no local execution, do not install this skill as-is or ask the author to remove executable code and provide only SKILL.md. I have medium confidence in this assessment; additional information (author contact, explicit runtime policy, or a statement that the agent will never execute the bundled code) would raise confidence.

Like a lobster shell, security has layers — review code before you run it.

latestvk971svjd695z0brh72k0tth1x5855vcj
83downloads
0stars
1versions
Updated 1w ago
v1.0.0
MIT-0
haidong@harrylabsj
latest
Download

Break-Even Analysis Calculator

Overview

Provides break-even analysis frameworks. This is a descriptive skill that provides frameworks and templates without executing real code.

Safety

  • No real code execution
  • No external API calls
  • No financial transactions
  • Informational only

Outputs

  • Structured analysis
  • Actionable recommendations
  • Next steps checklist

Comments

Loading comments...