ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Writing Style Skill

v1.0.0

可复用的写作风格 Skill 模板。内置自动学习: 从你的修改中自动提取规则,SKILL.md 越用越准。 Fork 后改成你自己的风格。

0· 103·0 current·0 all-time
by@jzocb
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description promise an auto-learning writing-style template; scripts/README/SKILL.md implement exactly that: recording original/final texts, diffing edits, calling an LLM to extract rules, and merging proposals into SKILL.md. The required operations (file I/O in user home, calling an LLM CLI) are coherent with the feature set.
Instruction Scope
Runtime instructions tell the agent/user to run python scripts that record drafts/finals and run an 'improve' flow. These scripts read and write files under user home (~/clawd, ~/.openclaw, ~/.claude or a configurable SKILL_LOG_DIR), and they send content (original/final excerpts up to several KB) to a local LLM CLI (claude/llm or a custom IMPROVE_LLM_CMD). This is expected for the task, but the skill will store copies of generated and human-edited content and will include that content in prompts to whatever LLM CLI is configured.
Install Mechanism
No external download/install spec is present (instruction-only install). The repo includes two Python scripts and docs; there is no remote URL or archive download. The code will be placed on disk as part of skill installation, which is normal for this type of skill.
Credentials
The skill declares no required env vars or credentials. Scripts accept optional env vars (SKILL_BASE_DIR, SKILL_LOG_DIR, SKILL_TARGET_PATH, SKILL_PROPOSAL_DIR, SKILL_BACKUP_DIR, IMPROVE_LLM_CMD). These are reasonable for configuring paths and the LLM command, but IMPROVE_LLM_CMD can point to any command — ensure it is set to a trusted CLI. No unrelated cloud credentials or secrets are requested.
Persistence & Privilege
always:false (good). The skill writes logs, proposals, backups, and can update SKILL.md in-place via improve.py. The 'auto' mode will generate proposals and (when used with auto-apply) will apply P0 rules automatically; combined with automated invocation (cron or an agent run), this could autonomously modify the skill file. That behavior matches the stated feature but is a capability you should be aware of and control.
Scan Findings in Context
[subprocess_run_llm_cli] expected: improve.py calls subprocess.run to invoke local LLM CLIs (claude, llm) or a custom IMPROVE_LLM_CMD. This is necessary for extracting rules but means content is sent to whatever LLM the CLI uses.
[file_io_home_paths] expected: observe.py and improve.py read/write JSONL logs, proposals, backups and SKILL.md under user home paths (~/clawd, ~/.openclaw, ~/.claude, or configured dirs). Storing drafts/finals locally is expected but results in persistent local copies of user content.
[modify_skill_md_via_llm] expected: improve.py constructs prompts and writes the LLM-generated updated SKILL.md back to disk. This automates updating the skill file, which is the feature; it also means malicious or erroneous prompts (or an untrusted LLM) could introduce unwanted changes if applied automatically.
Assessment
What to check before installing or running: - Review the two scripts (observe.py, improve.py) yourself to ensure you understand what they write and where. They will save AI originals and your final edits to local log directories (by default under ~/clawd/memory or ~/.claude/.openclaw memory paths). - The scripts send excerpts of original/final text to whatever LLM CLI is available (claude/llm or a command you set with IMPROVE_LLM_CMD). Only configure trusted LLM tooling; content will be included in prompts to that service. - Backups exist, but the improve.py 'auto' mode and the 'apply' command will modify SKILL.md in-place. Do not enable unattended auto-apply or cron jobs unless you are comfortable with automatic updates; review proposals (show) before applying. - To limit risk: set SKILL_LOG_DIR and SKILL_BACKUP_DIR to a dedicated folder, run the scripts in a test environment first, and avoid pointing IMPROVE_LLM_CMD at untrusted binaries. Keep copies of your SKILL.md or use version control so you can inspect changes. Overall: the skill is internally coherent for its stated purpose, but it performs persistent local storage and uses external LLM CLIs — exercise the usual caution with where generated/edited content is stored and which LLM endpoints receive it.

Like a lobster shell, security has layers — review code before you run it.

latestvk97a0gt5w8n6d6a002re1xkz6n83g78m

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments