ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Anthropic Usage

v1.0.0

Format for Anthropic API usage reports generated by anthropic-report.py. Use this skill when creating, modifying, or discussing the format of Anthropic proxy...

0· 48·0 current·0 all-time
by@kubiczech808
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description describe formatting Anthropic usage reports and the package contains a report formatter, a patcher to insert that formatter into an existing anthropic-report.py, and a localization preset — all directly relevant to the stated purpose.
Instruction Scope
SKILL.md stays on-topic: it documents formatting rules, describes LANG localization, and instructs how to apply the reference formatter using patch_format.py. The patch script reads and overwrites a target Python script (creating a .pre-format-patch backup) — this is expected for a patch tool but means users should only run it on trusted files/paths.
Install Mechanism
No install spec, no downloads, and no external package installs — instruction-only with bundled reference scripts. This minimizes install-time risk.
Credentials
The skill requires no environment variables, binaries, or credentials. The code does not attempt to read secrets or network endpoints. It expects the target script to supply functions/objects such as get_pricing and CET timezone, which is reasonable for integrating the formatter.
Persistence & Privilege
always is false, and the skill does not request persistent system-wide privileges. The patch tool writes only the specified target file and a local backup; it does not modify other skills or global agent settings.
Assessment
This skill appears to do exactly what it says: add/replace a format_report implementation and provide localization. Before running patch_format.py, do a dry run (use --dry-run) and inspect the preview and the created backup (.py.pre-format-patch). Only run the patch on a trusted anthropic-report.py copy and verify the target defines the expected helpers (get_pricing, CET timezone, aggregate behavior) — otherwise the patched script may fail. Because the patcher overwrites files, avoid running it with elevated privileges or on system-wide scripts unless you have a backup and have reviewed the replacement function.

Like a lobster shell, security has layers — review code before you run it.

anthropicvk9774w33dm6zkvcnrk57042nqh83skbdapivk9774w33dm6zkvcnrk57042nqh83skbdcachevk9774w33dm6zkvcnrk57042nqh83skbdclivk9774w33dm6zkvcnrk57042nqh83skbdlatestvk9774w33dm6zkvcnrk57042nqh83skbdreportvk9774w33dm6zkvcnrk57042nqh83skbdrequestsvk9774w33dm6zkvcnrk57042nqh83skbdspendingsvk9774w33dm6zkvcnrk57042nqh83skbdtokensvk9774w33dm6zkvcnrk57042nqh83skbdusagevk9774w33dm6zkvcnrk57042nqh83skbd

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments