ClawHub

Beijing

v1.0.0

Navigate Beijing as visitor, resident, tech worker, student, or entrepreneur with neighborhoods, transport, costs, visas, and local insights.

0· 373·0 current·1 all-time
byIván@ivangdavila
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Beijing guide) align with the provided files: many topical markdown files (neighborhoods, visas, transport, costs, etc.). The skill requires no binaries, secrets, or external services, which is appropriate for a static content guide.
Instruction Scope
SKILL.md instructs the agent to identify user context and load the relevant auxiliary markdown files included in the skill. Those instructions are in-scope for a content guide. However, the SKILL.md claims the agent should provide "practical guidance with current data" — the packaged files include a snapshot (Feb 2026) but no explicit mechanism for getting live updates. Also, a prompt-injection detector flagged unicode-control-chars in SKILL.md (see scan_findings_in_context); invisible characters can be used to try to alter parsing/behavior and should be inspected before trusting automated execution.
Install Mechanism
No install spec and no code files — instruction-only content. This minimizes persistence and attack surface; nothing is downloaded or written to disk by an installer.
Credentials
The skill requests no environment variables, no credentials, and no config paths. That is proportionate for a static informational guide.
Persistence & Privilege
always:false and default autonomous-invocation settings. The skill does not request elevated or persistent privileges and does not modify other skills or system-wide configs.
Scan Findings in Context
[unicode-control-chars] unexpected: A detector found unicode control characters inside SKILL.md. For a static guide this is unexpected; such characters can be benign formatting artifacts but may also be used to hide or obfuscate text or to influence parsers. Because this is an instruction-only skill, review the SKILL.md for invisible characters before enabling trust-based automated invocation.
Assessment
This skill appears coherent and low-risk: it's a static travel/relocation guide for Beijing with no installers, no credentials requested, and no system access. Before installing or enabling autonomous use, (1) quickly open SKILL.md in a text editor that can reveal invisible characters and remove any suspicious control characters, (2) confirm you understand that the skill contains snapshot content (Feb 2026) and does not fetch live external data by itself, and (3) if you enable autonomous invocation, limit its scope (e.g., require user confirmation for actions that would fetch external data or send messages) so the agent cannot act on its own without your review.

Like a lobster shell, security has layers — review code before you run it.

latestvk974449hf7aadffty3v8hqy6ds81p0gm

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🏯 Clawdis
OSLinux · macOS · Windows

Comments