Recognize Intent

This skill appears to implement intent recognition as described, but pay attention to these points before installing: - .env loading: index.js will read a skills/.env (if present) and inject those variables into the process environment, and the Python subprocess inherits the entire environment. Avoid storing unrelated secrets in .env or the agent environment if you enable this skill. - Remote LLM calls: the Python code can call a Gemini REST endpoint (gemini_api_url) using gemini_api_key / token. If you supply those creds or they exist in environment, the user query and generated prompts will be sent to that endpoint. Only provide keys for a trusted host. - Optional connectors: SKILL.md references Milvus/MySQL/semantic services. Those are optional and degrade gracefully if not provided, but if you configure them they will be contacted and may receive parts of user input or metadata. - Dependency/runtime: this bundle expects Python and the httpx library (and possibly other Python libs). Test in a sandbox or ensure dependencies are installed in a controlled environment. - Inconsistencies: SKILL.md suggests file-based workflows (reading rewrite_output.json and writing intent_output.json) but the packaged index.js uses stdin/stdout instead; expect differing behaviors depending on how you invoke the skill. Recommendations: inspect any skills/.env file before use, avoid placing unrelated secrets in the agent environment, only provide Gemini/API credentials if you trust the endpoint, and test the skill in an isolated environment first.

These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.