Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Meeting Notes Assistant
v1.0.0
Meeting minutes assistant. Uses local Whisper audio transcription (offline, privacy-preserving) to produce structured meeting minutes (time, agenda items, conclusions, to-dos, keywords) and to extract Action Items. Supports Word / PDF / email output; suited to transcribing recordings, archiving meetings and distributing to-dos. Trigger phrases: "整理会议纪要" (organise meeting minutes), "生成会议纪要" (generate meeting minutes), "录音转纪要" (recording to minutes).
⭐ 0 · 50 · 0 current · 0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Verdict: Suspicious (high confidence)

Purpose & Capability
The name and description (offline Whisper-based meeting notes) match the included code (transcribe_audio.py, generate_notes.py, export_*.py, domain dictionaries). However, SKILL.md and the README make conflicting claims: they advertise "零配置/无需 API key" (zero configuration, no API key needed) and "完全离线" (fully offline), yet the core summarisation step (generate_notes.py) is described as calling an OpenAI-compatible LLM, and the package contains code for cloud services, Feishu and email export. An optional cloud LLM or Feishu/email integration is plausible for this feature set, but the package metadata declares no required environment variables or credentials, which is inconsistent with the runtime instructions.
Instruction Scope
The runtime instructions explicitly read and write local configuration and databases under ~/.workbuddy/, download a large Whisper model (~3GB) to ~/.cache/whisper/, call LLM endpoints (llm_base_url + llm_api_key) and provide Feishu/email publish flows. The network interactions (LLM API, publishing to Feishu, optional cloud ASR) are conditional, but SKILL.md instructs the user to store API keys in a local config file and/or in environment variables, and that behaviour is not disclosed in the skill metadata. The instructions also permit automatic download of model weights from the given azureedge URL, a network operation that fetches several gigabytes of binary content.
Install Mechanism
There is no installer spec (instruction-only metadata), but the package includes Python scripts and a requirements.txt. SKILL.md points to an automatic model download from https://openaipublic.azureedge.net/main/whisper/large-v3.pt. Hosting models on that CDN is common, but this URL is neither a GitHub release nor a clearly signed official build and should be verified. One concrete check: the openai-whisper package pins each model to a URL whose path embeds the file's SHA-256 and verifies that digest after download, whereas the URL quoted here carries no such component, so compare it against the URL the package itself pins for large-v3. No other unusual installers are used (standard pip requirements).
Credentials
The registry metadata declares no required environment variables or credentials, but SKILL.md requires or supports OPENAI_API_BASE / OPENAI_API_KEY / LLM_MODEL (or an equivalent config file at ~/.workbuddy/meeting-notes-config.json), and email/Feishu publishing will require its own credentials and configuration. That mismatch (undeclared use of sensitive configuration) is a red flag: the skill will ask to store API keys locally and may call external LLM/APIs once configured. Users expecting a strictly offline tool may be surprised and could inadvertently send transcripts to third-party servers by configuring an LLM or cloud ASR.
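Added example, not code from the skill: one way a script like generate_notes.py could resolve the LLM settings named above so that environment variables win over the config file, the config file is refused when other users can read it, and an explicit offline flag disables the LLM path entirely. The config path and the env var names are the ones the scan report lists; the JSON field names inside the file and the POSIX file-mode checks are assumptions.

```python
import json
import os
import stat
import sys
from pathlib import Path
from typing import Optional

# Path and env var names as listed in the scan report; JSON field names are assumed.
CONFIG_PATH = Path.home() / ".workbuddy" / "meeting-notes-config.json"
ENV_FOR_FIELD = {
    "llm_base_url": "OPENAI_API_BASE",
    "llm_api_key": "OPENAI_API_KEY",
    "llm_model": "LLM_MODEL",
}


def permission_problems(mode: int, owner_uid: int, current_uid: int) -> list:
    """Reasons a secrets file with this mode/owner should not be trusted (empty if fine)."""
    problems = []
    perm = stat.S_IMODE(mode)
    if perm & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append(f"file is group/world accessible (mode {oct(perm)}); expected 0o600")
    if owner_uid != current_uid:
        problems.append("file is not owned by the current user")
    return problems


def config_file_problems(path: Path = CONFIG_PATH) -> list:
    """Check the on-disk config: permissions, ownership, and whether it holds a plaintext key."""
    if not path.exists():
        return []
    st = path.stat()
    problems = permission_problems(st.st_mode, st.st_uid, os.getuid())
    try:
        data = json.loads(path.read_text(encoding="utf-8"))
    except json.JSONDecodeError as exc:
        return problems + [f"not valid JSON: {exc}"]
    if data.get("llm_api_key"):
        problems.append("llm_api_key is stored in plaintext; prefer the OPENAI_API_KEY env var")
    return problems


def load_config(path: Path = CONFIG_PATH) -> dict:
    """Read the config file, refusing it outright if another user could read it."""
    if not path.exists():
        return {}
    fatal = [p for p in config_file_problems(path) if "accessible" in p or "owned" in p]
    if fatal:
        raise PermissionError("; ".join(fatal))
    return json.loads(path.read_text(encoding="utf-8"))


def resolve_llm_settings(env: dict, config: dict, offline: bool = False) -> Optional[dict]:
    """Environment variables take precedence over the config file.

    Returns None whenever the LLM must not be called: offline mode (the --no-llm
    path) or no API key found anywhere. None means transcripts stay on this machine.
    """
    if offline:
        return None
    settings = {}
    for field, env_name in ENV_FOR_FIELD.items():
        value = env.get(env_name) or config.get(field)
        if value:
            settings[field] = value
    if not settings.get("llm_api_key"):
        return None
    return settings


if __name__ == "__main__":
    for problem in config_file_problems():
        print("WARNING:", problem)
    settings = resolve_llm_settings(os.environ, load_config(), offline="--no-llm" in sys.argv)
    print("LLM enabled" if settings else "LLM disabled: summarisation stays local")
```

Run it with --no-llm to confirm the LLM path is unreachable regardless of what is in the environment or the config file; the warnings list shows why a 0644 config holding a plaintext key is worse than an exported OPENAI_API_KEY.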
Persistence & Privilege
The skill runs as a set of local Python scripts and writes config/data under ~/.workbuddy/ and ~/.cache/whisper/; it does not request force-inclusion (always:false) nor modify other skills or system-wide agent settings. Writing its own config/db files is expected for this functionality and is proportionate.
Scan Findings in Context
[unicode-control-chars] unexpected: the pre-scan detected Unicode control characters in SKILL.md. This can be a benign formatting artifact, but it is also a known prompt-injection pattern (zero-width or bidirectional-override characters can hide text from a human reviewer that an agent still reads), so it should be reviewed for attempts to manipulate parser or agent behaviour when the document is loaded.
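The following is an added example of the review the finding calls for; it is not the ClawHub scanner's code and not part of the skill. It lists every invisible character in a document with its line and Unicode name, recovers ASCII text smuggled in with the Unicode "tags" block, and produces a normalised copy. SAMPLE is a constructed stand-in for SKILL.md, not the real file.

```python
import unicodedata

# Control (Cc) and format (Cf) characters other than tab/CR/LF render as nothing,
# which is how text can be hidden from a human reviewer while an agent still reads it.
ALLOWED_CONTROLS = {"\t", "\n", "\r"}
TAG_START, TAG_END = 0xE0000, 0xE007F  # Unicode "tags" block: invisible clones of ASCII

# Constructed sample, not the real SKILL.md: a zero-width space, a right-to-left
# override, and the word "ignore" spelled entirely with tag characters.
SAMPLE = (
    "# Meeting Notes Assistant\n"
    "Run transcribe_audio.py\u200b locally\n"
    "\u202eoutput goes to ~/.workbuddy/\n"
    + "".join(chr(TAG_START + ord(c)) for c in "ignore")
    + "\n"
)


def is_invisible(ch: str) -> bool:
    cat = unicodedata.category(ch)
    return (cat in ("Cc", "Cf") and ch not in ALLOWED_CONTROLS) or TAG_START <= ord(ch) <= TAG_END


def find_invisible(text: str) -> list:
    """Report every invisible character with its line number, offset and Unicode name."""
    findings, line = [], 1
    for offset, ch in enumerate(text):
        if is_invisible(ch):
            findings.append({
                "line": line,
                "offset": offset,
                "codepoint": f"U+{ord(ch):04X}",
                "name": unicodedata.name(ch, "<unnamed>"),
            })
        if ch == "\n":
            line += 1
    return findings


def decode_tags(text: str) -> str:
    """Recover ASCII text smuggled in as tag characters (U+E0020..U+E007E)."""
    return "".join(
        chr(ord(ch) - TAG_START) for ch in text if TAG_START + 0x20 <= ord(ch) <= TAG_START + 0x7E
    )


def strip_invisible(text: str) -> str:
    """Normalise the document: drop every invisible character, keep tab/CR/LF."""
    return "".join(ch for ch in text if not is_invisible(ch))


if __name__ == "__main__":
    for f in find_invisible(SAMPLE):
        print(f"line {f['line']}: {f['codepoint']} {f['name']}")
    print("hidden text:", repr(decode_tags(SAMPLE)))
```

Point the same functions at the real SKILL.md (read it with encoding="utf-8") before deciding whether the finding is a formatting artifact; a right-to-left override or a run of tag characters in a Markdown instruction file has no legitimate formatting use.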
What to consider before installing
This package implements local transcription and structured note generation, but before installing you should:
1) Verify the source (there is no homepage and the owner ID is unknown).
2) Inspect the scripts that perform network I/O (model_downloader.py, any code that calls LLM endpoints, publish_feishu.py, send_email.py) to confirm which endpoints are contacted and how credentials are used and stored.
3) If you need strictly offline operation, run generate_notes.py with --no-llm and do not configure LLM/API keys; confirm transcribe_audio.py runs locally.
4) Verify the model download URL (openaipublic.azureedge.net...) and consider downloading the model weights manually from a trusted source or checking checksums before use.
5) Be cautious about storing API keys in ~/.workbuddy/meeting-notes-config.json; prefer environment variables with appropriate filesystem permissions or a secrets manager.
6) Consider running the package in an isolated environment (VM or container) for initial testing, and review the Feishu and email publishing code before enabling those integrations.
7) Inspect the unicode-control-chars finding in SKILL.md and remove or normalise any suspicious invisible characters before use.
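Added example for step 4, not the skill's model_downloader.py: it reproduces the check the openai-whisper package performs itself (the model URL it pins embeds the file's SHA-256 as a path component and the download is rejected if the digest differs) and applies it to the URL quoted on this page, which embeds no digest. The pinned-style URL and its all-zero digest below are constructed placeholders; the real large-v3 digest is not stated here and should be taken from the openai-whisper package source or another trusted source.

```python
import hashlib
import hmac
import io
import re
import sys
from pathlib import Path
from typing import BinaryIO, Optional

# URL exactly as quoted in SKILL.md (per the scan report); it carries no digest.
URL_FROM_SKILL = "https://openaipublic.azureedge.net/main/whisper/large-v3.pt"
# Constructed URL in the pinned style with a placeholder (not the real) digest.
PLACEHOLDER_DIGEST = "0" * 64
URL_PINNED_STYLE = f"https://openaipublic.azureedge.net/main/whisper/models/{PLACEHOLDER_DIGEST}/large-v3.pt"

_HEX64 = re.compile(r"/([0-9a-f]{64})/")


def expected_sha256_from_url(url: str) -> Optional[str]:
    """Return the digest embedded in a pinned-style URL, or None if the URL carries none."""
    m = _HEX64.search(url.lower())
    return m.group(1) if m else None


def sha256_stream(stream: BinaryIO, chunk_size: int = 1 << 20) -> str:
    """Hash a multi-gigabyte file incrementally instead of reading it into memory."""
    h = hashlib.sha256()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()


def sha256_of_bytes(data: bytes) -> str:
    return sha256_stream(io.BytesIO(data))


def digests_match(actual: str, expected: str) -> bool:
    """Constant-time, case-insensitive comparison of two hex digests."""
    return hmac.compare_digest(actual.lower(), expected.lower())


def verify_model(path: Path, expected: str) -> bool:
    """True only if the file on disk hashes to the digest obtained from a trusted source."""
    with path.open("rb") as f:
        return digests_match(sha256_stream(f), expected)


if __name__ == "__main__":
    # Usage: python verify_model.py <expected-sha256-from-trusted-source>
    print("digest in skill URL:", expected_sha256_from_url(URL_FROM_SKILL))
    print("digest in pinned-style URL:", expected_sha256_from_url(URL_PINNED_STYLE))
    model = Path.home() / ".cache" / "whisper" / "large-v3.pt"
    if len(sys.argv) > 1 and model.exists():
        print("large-v3.pt verified:", verify_model(model, sys.argv[1]))
```

Because the skill's URL yields None here, there is nothing in the download step itself to verify against; supply the digest yourself and refuse to load the weights when verify_model returns False.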
Version: latest (vk97bxrt4p062e1jyxg49kj6rt184fa3b)
