Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Bettafish Opinion Analysis
v1.0.0 · BettaFish (微舆) multi-agent public-opinion analysis system - built on a three-engine parallel architecture (QueryAgent, MediaAgent, InsightAgent), with ForumEngine enabling collaborative discussion between agents, producing dual-format reports: Word/PDF plus high-design-quality HTML. Trigger this skill when the user needs the following kinds of analysis: -...
by @liyico · MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The skill claims real-time web data collection and multi-format report output; the included scripts (data_collector.py, graph_generator.py, report_generator.py, sentiment_analyzer.py) and templates align with that purpose. However, the package declares no required binaries/env vars while documentation and scripts reference external tools (ffmpeg via video-frames, reportlab for PDF, docx-js for Word) and Google Fonts/CDN resources for HTML. The absence of declared dependencies and required binaries is an inconsistency the author should justify.
Instruction Scope
SKILL.md instructs the agent to use WebSearch/WebFetch/Browser/Curl to fetch live content and to generate Word/PDF/HTML using subskills. Those instructions stay within the stated purpose (data collection, analysis, report generation). Caveats: the skill recommends using curl to fetch arbitrary pages and embeds external CDN/Google Fonts in generated HTML; that may cause network requests when generating or rendering reports and could leak metadata if the reports contain sensitive info. The runtime instructions do not request unrelated system files or credentials.
Install Mechanism
There is no formal install spec despite a large codebase and subskills. README/SKILL.md suggest manual steps and installing global packages (npm install -g @anthropic-ai/claude-code, docx, OpenClaw, reportlab). The absence of an automated install manifest (e.g., package.json or explicit declared required binaries) is a red flag: required packages and binaries (ffmpeg for frame extraction, reportlab for PDF, docx-js for .docx generation, possibly system fonts) are implied but not declared, increasing the chance of runtime failures or manual installation of third-party tools.
Credentials
The skill does not request environment variables, API keys, or credentials in the manifest. The code and docs also do not embed secrets or request cloud credentials. This is proportionate to its stated purpose. Note: generated HTML references external CDNs (Google Fonts, ECharts, D3.js) which will cause outward network requests when a user opens the HTML report; that is expected for rich HTML but has privacy implications.
Persistence & Privilege
The skill is not force-included (always: false) and does not request elevated platform privileges in its metadata. It contains scripts that write out report files and may read local files for video-frame extraction; those behaviors are normal for a report-generation skill. Nothing in the package attempts to modify other skills or system-wide agent settings.
Scan Findings in Context
[EXTERNAL_CDN_USAGE] expected: SKILL.md and HTML templates include Google Fonts, ECharts, D3.js loaded from CDNs. This is expected for HTML report rendering but causes external network requests when reports are viewed.
[UNDECLARED_BINARY_FFMPEG] unexpected: The video-frames subskill includes frame.sh and references ffmpeg-like frame extraction; ffmpeg (or similar binary) is needed at runtime but is not declared in required binaries. This mismatch could lead to manual installation needs or confusion.
[UNDECLARED_PYTHON_JS_LIBS] unexpected: Docs/scripts reference reportlab (Python) and docx-js/npm packages for PDF/Word generation. Those dependencies are implied by code samples but not declared in an install spec or dependency manifest.
What to consider before installing:
- Source and provenance: The repository/skill appears derived from an open-source project (README mentions GitHub), but registry metadata lists 'unknown' source/homepage. Prefer installing only from a trusted origin (official GitHub repo or verified publisher).
- Missing install/dependency declarations: The skill contains many scripts and subskills but no install spec. You will likely need to install runtime dependencies manually (Python packages like reportlab, node/npm packages like docx, and system binaries such as ffmpeg). Confirm required packages and test in a controlled environment before running.
- External network activity: The skill intentionally uses WebSearch/WebFetch/Browser/Curl to gather live web data — this is central to its purpose. Generated HTML includes external CDNs/Google Fonts/ECharts/D3.js; opening those reports will make outbound requests. If report content is sensitive, consider hosting libraries locally or disabling remote fonts to avoid telemetry/leakage.
- Privacy and compliance: The skill aggregates public web content; ensure you are allowed to collect and process data from target platforms and that no private credentials or protected data are passed into the skill. The skill's docs claim 'no database' and 'no simulated data' — confirm that the actual runtime environment doesn't cache or persist sensitive inputs longer than intended.
- Sandbox testing: Run the skill first in a sandboxed environment (non-production account, isolated VM) to observe: (1) what binaries it calls, (2) what external hosts it contacts, (3) any files written to disk. Verify behavior matches expectations before use with real or sensitive targets.
- Verification steps: Ask the publisher for an explicit dependency/install manifest (requirements.txt, package.json, or an install script), confirm ffmpeg and Python/node package requirements, and request a statement of data handling/telemetry if you need stricter privacy guarantees.
Given the above inconsistencies (undeclared dependencies and external resource loading), proceed cautiously. The skill appears functionally coherent with its description, but the missing install/dependency declarations and the use of external CDNs justify a 'suspicious' classification until those gaps are resolved.
Like a lobster shell, security has layers — review code before you run it.