Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Summary Budget Model And New Script

v1.0.0

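Skill for summarizing and updating the budget data model and script skills. When the user issues the 【总结对话内容】 ("summarize the conversation content") command, it extracts new script patterns, data models, and field information from the conversation history and updates them into the platform-script and budget-data-model skills.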

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (summarize dialog and update budget/script skills) aligns with the SKILL.md instructions to extract content and append to platform-script and budget-data-model files. Minor naming inconsistencies across docs (e.g., 'BudgetDataModelSkills' vs 'budget-data-model') and assumed file paths may cause errors but are not themselves malicious.
! Instruction Scope
Instructions direct the agent to '回顾对话历史' and extract any new script patterns, API usage, table/field definitions, then append them into other skills' files and update SKILL.md. There is no explicit sanitization for secrets/PII, no requirement for user confirmation before writing, and verification steps (API existence, syntax checks) are vague. This grants broad discretion to capture and persist conversation content, which could inadvertently store sensitive data or propagate undesired content.
Install Mechanism
Instruction-only skill with no install steps, no external downloads, and no declared binaries or packages. Low installation risk.
Credentials
No environment variables or external credentials are requested, which is consistent with a local file-update skill. However, the skill requires write access to other skills' directories (platform-script-skills, BudgetDataModelSkills), which is a form of privileged file access not declared as an explicit requirement.
! Persistence & Privilege
The skill writes to and updates other skills' files and their SKILL.md, and creates backups under references/backup. Modifying other skills' content is a notable privilege: it can change behavior of other components and persist content across sessions. While 'always' is false, autonomous model invocation is allowed by platform default — combined with write privileges this increases blast radius if misused.
What to consider before installing
This skill will read conversation history and automatically append extracted scripts and data-model entries into other skills' files. Before installing, consider:
1) Do you want an automated process that can write into other skill directories?
2) Ensure it cannot accidentally copy secrets/PII from conversations—ask for a sanitization step (e.g., redact emails, API keys, passwords) before any write.
3) Require an explicit user confirmation prompt before making file changes, or restrict the skill to produce a proposed patch for manual review.
4) Verify and test in a safe/staging workspace to confirm paths and naming are correct (there are minor path/name inconsistencies in the docs).
5) Audit the update_log.md and backup directory regularly and limit write permissions so the skill can only modify intended files.
If you need lower risk, prefer a variant that only suggests updates (read-only) rather than performing automatic writes.

Like a lobster shell, security has layers — review code before you run it.

automation, budget, knowledge-management, latest, script, summary, update


Runtime requirements

🔄 Clawdis
