Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
智能代码助手 (Smart Code Assistant)
v1.0.0 · Intelligently understands and precisely diagnoses code, providing fix and refactoring suggestions and automatically generating documentation, to improve code quality and maintenance efficiency.
by bittao@hgta23
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The name and description (智能代码助手, "Smart Code Assistant") match the provided prompts and the features listed in skill.json. However, the skill promises deep capabilities (AST analysis, data-flow analysis, architecture analysis, continuous learning), while the included runtime code (main.py) contains only simple stub methods that return static strings and perform no actual parsing, file I/O, or network work. The metadata is also inconsistent: the top-level 'Homepage: none' / 'Source: unknown' conflict with skill.json, which claims a GitHub repository URL. This is an overstated-capability and provenance mismatch.
Instruction Scope
SKILL.md and the prompt files instruct the agent to analyze 'provided code' and list the checks to perform; they do not instruct it to read arbitrary system files or environment variables. One function signature (analyze_architecture(project_path)) implies analysis of a project path, but the current implementation is a stub that does not access the filesystem. The result: the instructions appear scoped to user-provided code, while the skill's marketing claims broader project-level analysis that would require filesystem access, which is not implemented here. This discrepancy is scope/expectation drift rather than an explicit data-exfiltration instruction.
Install Mechanism
No install spec — the skill is instruction-only with a small code file. No downloads, no third-party installers, and nothing is written to disk by an installer. Low install risk.
Credentials
The skill requests no environment variables, credentials, or config paths. That is consistent with its current implementation, which performs no network calls and requires no external services.
Persistence & Privilege
'always' is false and the skill is user-invocable. There is no indication that the skill requests persistent or system-wide changes or elevated privileges. Autonomous invocation is allowed by default, which is not flagged on its own.
What to consider before installing
This package is not obviously malicious — it neither asks for credentials nor installs external code — but it overpromises. The code shipped is a collection of stubs that return static text; it does not implement the advanced AST/data-flow/project analysis described in SKILL.md. Before installing or relying on it:
1) verify the claimed repository (skill.json points to a GitHub URL, but the source/homepage in the registry is unclear);
2) treat the skill as untrusted for sensitive code — don’t provide secrets or private repo credentials;
3) if you need the advertised deep-analysis features, request evidence (tests, implementation, or a real parser) or prefer a skill with verifiable source;
4) watch for future versions that add filesystem or network access (e.g., analyze_architecture(project_path)) and re-evaluate permissions then.
If you plan to let agents call this autonomously, prefer a sandboxed environment until you confirm its real behavior.
