ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Research Tools Skill

v1.0.0

科研工具包 - 包含文献搜索、数据分析、代码开发等科研常用工具

0· 66·0 current·0 all-time
byJiang Junwei@jonjiang96
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (文献搜索、数据分析、代码开发) aligns with the declared binary requirements (python, node, git). Requesting python and git is reasonable; node is plausible for some tooling though not clearly justified in SKILL.md but not disproportionate.
!
Instruction Scope
SKILL.md instructs the agent to run web_search/web_fetch against arbitrary URLs and to exec arbitrary Python commands (python -c '...'), which is expected for a research tool but also allows arbitrary code execution and retrieval of arbitrary external content. The sessions_spawn runtime:"acp" command is opaque — it appears to create/spawn a runtime/session (potentially remote) and is not explained in the README, increasing the risk of unexpected network activity or data transfer.
Install Mechanism
Instruction-only skill with no install spec or downloads; lowest install risk because nothing is written to disk by the skill package itself.
Credentials
No environment variables or credentials requested. The lack of secrets is proportionate to the described capabilities.
Persistence & Privilege
always:false and normal autonomous invocation (disable-model-invocation:false). No requests to modify other skills or system-wide configs. Autonomous invocation is expected; not combined with other high-privilege requests.
What to consider before installing
This skill is broadly consistent with a 'research toolkit' but grants the agent the ability to run arbitrary code and fetch arbitrary URLs. Before installing, confirm: (1) what the platform's web_search/web_fetch and sessions_spawn tools actually do and which external endpoints they contact; (2) whether running arbitrary python -c is allowed on your agent runtime and whether it can access sensitive files; (3) that you trust the agent's autonomy for these actions. If you need stricter controls, block or audit outgoing network calls, restrict sessions_spawn runtimes, and prevent running unreviewed exec commands with access to private data.

Like a lobster shell, security has layers — review code before you run it.

latestvk979ndn4yrqgzwknh0na17ypx984bfb8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔬 Clawdis
Any binpython, node, git

Comments