ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Drop a contract, get answers. lawclaw rips through PDFs, spots risky clauses, diffs redlines, checks citations, and searches thousands of discovery docs—locally, so nothing leaves your machine. Built for attorneys and paralegals who bill by the hour and can't waste one

v1.0.0

Drop a contract, get answers. lawclaw rips through PDFs, spots risky clauses, diffs redlines, checks citations, and searches thousands of discovery docs—loca...

1· 1k·2 current·3 all-time
byJagadeeshvar Muralidharan@jagadeeshmurali-coder
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the contents: SKILL.md contains shell workflows (pdftotext, grep, diff, pandoc, pdfinfo, find, wc) appropriate for local contract review, e-discovery, citation checks and redlines.
Instruction Scope
Instructions run local CLI tools against files (extract, grep, diff, rename). This is expected, but several commands modify or rename files (mv, batch pdftotext conversions, writing logs/diffs) so users should expect side effects. Also the SKILL.md uses 'wdiff' but wdiff is not listed as a required binary/install step.
Install Mechanism
Install spec uses Homebrew formulas (poppler -> pdftotext/pdfinfo and pandoc). These are well-known packages; no arbitrary downloads or code extraction are present.
Credentials
No environment variables, credentials, or config paths are requested — consistent with a local, offline document-processing tool.
Persistence & Privilege
always:false and user-invocable:true (defaults). The skill does not request persistent/system-wide privileges or modify other skills' configs.
Assessment
This skill appears to do what it says: local command-line recipes for contract review. Before you use it, back up your documents and run the suggested commands in a copy/test folder because many commands rename, overwrite, or create files (mv, batch pdftotext, redirecting output to logs/diffs). Confirm you have the required tools installed (brew poppler provides pdftotext/pdfinfo; pandoc via brew) and install wdiff if you need word-level diffs (wdiff is referenced but not declared). Review each command in SKILL.md line-by-line to ensure it won't alter files you care about, and run first on non-sensitive samples. If you work with very sensitive client data, consider running these workflows in an isolated environment (air-gapped or VM) to minimize accidental leakage and verify no telemetry is sent by any installed binaries.

Like a lobster shell, security has layers — review code before you run it.

latestvk970hwmefvs1b78x7ng3mjw85181dsz9

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

⚖️ Clawdis
Binspdftotext, diff, grep, pandoc

Install

Install pdftotext (brew)
Bins: pdftotext
brew install poppler
Install pandoc (brew)
Bins: pandoc
brew install pandoc

Comments