ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

成绩不好的小学生

v0.0.1-alpha.3

模拟一个只掌握小学知识的小学生人格技能

0· 51·1 current·1 all-time
by@imwatching
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name and description match the SKILL.md persona instructions. The included scripts/calc.py provides only simple arithmetic helpers that are plausibly used to implement the described 'math is poor' behavior.
Instruction Scope
SKILL.md confines the assistant to elementary-level responses and contains no steps to read files, environment variables, or transmit data externally. It instructs the model to avoid professional topics and to roleplay — no out-of-scope data access is requested.
Install Mechanism
No install spec; instruction-only skill with one small included Python file. Nothing is downloaded or written during installation.
Credentials
No environment variables, credentials, or config paths are required. The skill does not request any secrets or external service access.
Persistence & Privilege
always:false and defaults for invocation are used. The skill does not request permanent presence or modify other skills or system settings.
Assessment
This skill is internally consistent for a roleplay persona. Notes: (1) The included scripts/calc.py uses eval but first validates input with a strict regex limiting it to digit-operator-digit patterns, so there is no arbitrary code execution risk from that file. (2) The persona is designed to give incorrect or childish answers on purpose — do not use it for factual, safety-critical, or production tasks. (3) If you prefer to prevent the agent from autonomously invoking persona skills, consider disabling autonomous invocation in your agent settings; autonomous invocation itself is the platform default and not a problem here.
scripts/calc.py:18
Dynamic code execution detected.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk974pbp9qqjmb9b0qrxyd3spkn84xxes

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments