Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
my study pal
v1.0.0成人自学伴学助手,制定学习地图,讲故事引导理解,提供练习闯关和学习回顾,帮助用户高效掌握知识。
⭐ 0· 39·0 current·0 all-time
by@ivanyqw
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill describes a workspace-backed study assistant that reads USER.md, memory/user-profile.md, project documents and writes session files, exercises, and a global 错题本.md. Those file accesses and write actions are coherent with a learning assistant, but the registry metadata declares no required config paths or files. The omission of any declared file/config requirements is inconsistent and hides the fact that the skill expects filesystem access to user data.
Instruction Scope
SKILL.md explicitly instructs the agent to read specific files (USER.md, memory/user-profile.md, MEMORY.md, project docs), to save progress into sessions/ files after every knowledge point, to append to 错题本.md when requested, and to '制定 cron 提醒任务' (create cron reminders). These are concrete file I/O and system-scheduling actions outside a simple chat-only assistant; they expand the skill's runtime scope and could access or modify personal data and system schedule/configuration.
Install Mechanism
There is no install spec and no code files — the skill is instruction-only. That minimizes installation risk (nothing is downloaded or written at install time).
Credentials
The skill declares no environment variables or credentials, yet its runtime instructions require persistent read/write access to workspace files and creation of cron entries. Requesting filesystem and scheduling privileges without declaring them is disproportionate because it obscures what resources and permissions the skill will use.
Persistence & Privilege
The skill will write session files and can create cron reminders, which creates persistent state on the host. Although 'always' is false and autonomous invocation is allowed by default, the instruction to set cron jobs effectively grants the skill a means to schedule future activity on the system — a persistent capability that should be explicitly disclosed and controlled.
What to consider before installing
Before installing or enabling this skill, consider the following: (1) SKILL.md instructs the agent to read and write user-profile and session files and to create cron reminders, but the skill metadata does not declare any required config paths — ask the publisher to clarify exactly which files/paths it will access and where it will store data. (2) If you proceed, run the skill in a restricted/sandbox workspace (or with a test account) so it cannot touch sensitive files. (3) Confirm how cron reminders are created (will it edit crontab, use a system scheduler, or ask you to confirm?). Require explicit user approval before the skill writes files or schedules tasks. (4) If you need stronger guarantees, request a code-based implementation or a manifest that declares config paths and a clear data-retention policy. These steps reduce risk of unintended file modification or persistent scheduled actions.Like a lobster shell, security has layers — review code before you run it.
latestvk97d83ewc6hkcjjf0104f825mh83w5g3
License
MIT-0
Free to use, modify, and redistribute. No attribution required.