Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Product Title Analyze
v1.0.0
Performs tokenization analysis on product titles, extracting attribute dimensions such as word frequency, scenario words, audience words, and material words. Use when the user wants to analyze product titles, extract high-frequency title words, tokenize titles, discover scenario or audience words, compare title keyword usage across different products, optimize Listing titles based on word frequency, identify common attribute patterns across a set of ASINs, title tokenization, word frequency anal...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
Name/description match the files: this is a product-title tokenization / word-frequency tool that calls an external API. However, the skill metadata declares no required environment variables while the included code and API reference expect an API key (LINKFOXAGENT_API_KEY). That mismatch is unexplained.
Instruction Scope
SKILL.md says the tool "automatically collects products from all prior steps in the current conversation" and the API/reference expect you to POST product data (or allow the skill to use conversation data). This means the skill will aggregate conversation content (titles, possibly prices, ASINs, images, sales metrics) and send it to https://tool-gateway.linkfox.com. There are no instructions to filter or redact sensitive fields before sending.
Install Mechanism
No install script or downloads; it's instruction-only plus a small helper script. Nothing on-disk is fetched from third-party URLs during installation.
Credentials
The helper script and API docs require LINKFOXAGENT_API_KEY for Authorization, but the skill metadata did not declare any required env vars or a primary credential. Requiring an API key for the remote service is reasonable for this purpose, but the omission in the manifest is an incoherence that could mislead users. Also, sending conversation/product metadata to an external service is a proportionality decision users should be aware of.
Persistence & Privilege
The skill is not always-enabled and does not request system config paths or persistent privileges. It does allow normal autonomous invocation (platform default), which increases blast radius if the skill is trusted, but that alone is not flagged here.
What to consider before installing
Before installing:
(1) Confirm you trust the LinkFox endpoints (tool-gateway.linkfox.com and skill-api.linkfox.com). The skill will aggregate prior-conversation product data (titles, ASINs, prices, images, etc.) and POST it to that external API.
(2) The package omits declaring the required LINKFOXAGENT_API_KEY in its manifest even though both the helper script and the API docs require it — ask the publisher to add explicit env requirements and documentation.
(3) If you have sensitive data, do not allow the skill to run on real product data until you verify privacy/retention policies for the remote service; test first with non-sensitive samples.
(4) Consider disabling autonomous invocation for this skill or restricting its use, and only provide an API key with least privilege and monitoring if you decide to trust it.
(5) If anything is unclear (who runs the service, what data is logged/retained), request those clarifications from the skill author before granting credentials.
Like a lobster shell, security has layers — review code before you run it.
latest vk9786zdygrzx3n8bg16tnxnehh840mvw
