Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
jiesuan
v1.0.0. AI-driven smart settlement assistant supporting natural-language rule parsing, multiple settlement modes (threshold split / ranking competition / hybrid), an automatic timeout-retry mechanism, and local data processing for security.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The name and description (AI settlement assistant) align with the included Python engine, which performs aggregation and payout calculation. However, SKILL.md claims support for Excel (.xlsx/.xls) while the provided code only implements CSV loading. SKILL.md also references an AI API endpoint (wanqing.internal) and a model name, yet the package declares no environment variables or credentials for calling any remote model. This is an internal inconsistency: either the skill expects a remote AI but does not request credentials, or the parsing is intended to be local.
Instruction Scope
SKILL.md states that 'raw data is not uploaded; only the rule description is sent to the AI'. The doc includes an API endpoint and model config, but there are no concrete runtime steps or env vars for performing that network call, and the provided RuleParser in settlement_engine.py does local parsing (and only supports a simplistic guaranteed-mode pattern). That ambiguity is concerning: it is not clear whether rule text will actually be sent to a remote service at runtime, and if so where and under what authentication. Additionally, the RuleParser contains a regex bug and limited coverage, which may cause rules to be mis-parsed.
Install Mechanism
No install spec (instruction-only, with one Python file). No remote downloads or install hooks are present, so runtime risk from installation is low. The engine is pure Python and uses only standard libraries (csv, re, collections), which is proportionate for the stated task.
Credentials
No required environment variables or credentials are declared, yet SKILL.md documents an AI API endpoint and a model name. If the skill intends to call that endpoint, it should declare and require credentials (API key, token) and explain network behavior. The absence of declared secrets but presence of an endpoint is inconsistent and increases ambiguity about where rule text might be transmitted.
Persistence & Privilege
The skill does not request permanent presence (always:false) and there are no indications it modifies other skills or system-wide settings. No persistence mechanisms are declared; SKILL.md claims no persistent storage of data after processing.
What to consider before installing
Key points to confirm before installing or using this skill:
- Clarify AI usage: SKILL.md lists an API endpoint (http://wanqing.internal) and a model name. Ask the author whether the agent will actually send rule text to that endpoint. If so, ask what authentication is required, whether traffic is encrypted (the URL as documented uses plain http://, not https://), and whether the endpoint is internal and trusted. Do not assume data stays local until this is confirmed.
- Credentials and network behavior: The package declares no environment variables for API keys. If remote calls are used, the skill should explicitly require and document safe credential handling (no hardcoded secrets) and disclose network destinations.
- Excel support mismatch: The documentation says .xlsx/.xls are supported but the code only reads CSV. If you need Excel support, request that the author add a proper Excel reader (e.g., openpyxl or pandas) or clarify that CSV is the required input format.
- Rule parsing limitations and bug: The included RuleParser only implements a very small subset (guaranteed mode) and contains a regex bug (a typo using 'd+' instead of '\d+', so the pattern matches the literal letter d rather than digits), which can cause parsing failures or incorrect payouts. Request fixes and more comprehensive parsing tests before trusting results for real payouts.
- Test locally with non-sensitive data: Run the Python engine locally on representative CSVs to verify behavior and edge cases, and confirm that no network calls occur. Inspect logs, and run the engine with egress blocked or under network monitoring if you suspect remote calls.
- Security practice: If rule text must be sent to an external model, avoid including any PII or sensitive business data in the rule text. Prefer a local parsing solution or a documented, authenticated, and TLS-protected model endpoint within your trust boundary.
- Request documentation and unit tests: Ask for explicit runtime instructions (how/when the AI is invoked), required env vars (if any), and unit tests demonstrating correct payouts for representative rule scenarios.
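A local harness of the kind the last points call for, written for this review rather than taken from the skill's settlement_engine.py. It assumes a hypothetical threshold regex in the style of the reported bug (the skill's actual pattern is not on this page), uses constructed rule text and participant scores, and replaces socket creation so that any attempt to reach an endpoint such as wanqing.internal during the run fails loudly instead of silently sending data.

```python
"""Added review harness; not code from the jiesuan skill or ClawHub.

Two checks before trusting the engine with real payouts:
1. The 'd+' vs '\\d+' regex bug, shown on a hypothetical threshold pattern
   with constructed rule text (the real RuleParser regex is not on the page).
2. A no-network guard: socket creation is replaced with a function that
   raises, so a hidden call to a remote model endpoint surfaces as an error
   while the engine runs on local test data.
"""
import re
import socket
from contextlib import contextmanager
from typing import Optional

# Constructed rule text (hypothetical): "pool is split once 10 people qualify,
# 500 per person".  Chinese because that is the skill's documented input style.
RULE_TEXT = "达标人数满10人即可瓜分奖金池, 每人奖金500元"

# The typo: 'd+' matches one or more literal letters 'd', never a number.
BUGGY_THRESHOLD_RE = re.compile(r"满(d+)人")
# Corrected: '\d+' matches one or more digits.
FIXED_THRESHOLD_RE = re.compile(r"满(\d+)人")


def parse_threshold(rule: str, pattern: re.Pattern) -> Optional[int]:
    """Return the head-count threshold encoded in the rule, or None on no match."""
    m = pattern.search(rule)
    return int(m.group(1)) if m else None


def guaranteed_payout(participants: dict[str, int], threshold: Optional[int],
                      per_head: int) -> dict[str, int]:
    """Pay per_head to everyone whose score meets the threshold.

    A None threshold (parser failure) is a hard error: silently defaulting
    to 0 would pay every participant.
    """
    if threshold is None:
        raise ValueError("rule threshold could not be parsed; refusing to pay out")
    return {name: per_head for name, score in participants.items() if score >= threshold}


class NetworkAttempt(RuntimeError):
    """Raised when code under test tries to open a socket."""


@contextmanager
def no_network():
    """Rebind socket.socket so any connection attempt raises NetworkAttempt.

    socket.create_connection (used by http.client/urllib) looks the class up
    at call time, so it is covered as well.  The original is always restored.
    """
    original = socket.socket

    def blocked(*args, **kwargs):
        raise NetworkAttempt("network access attempted during local test run")

    socket.socket = blocked
    try:
        yield
    finally:
        socket.socket = original


def run_local_check() -> dict:
    """Run both checks offline and return their results for inspection."""
    participants = {"alice": 12, "bob": 9, "carol": 10}  # constructed scores
    with no_network():
        buggy = parse_threshold(RULE_TEXT, BUGGY_THRESHOLD_RE)
        fixed = parse_threshold(RULE_TEXT, FIXED_THRESHOLD_RE)
        payouts = guaranteed_payout(participants, fixed, 500)
        # Stand-in for a hidden call to a model endpoint: must be blocked.
        try:
            socket.create_connection(("127.0.0.1", 9), timeout=1)
            network_blocked = False
        except NetworkAttempt:
            network_blocked = True
    return {"buggy": buggy, "fixed": fixed, "payouts": payouts,
            "network_blocked": network_blocked}


if __name__ == "__main__":
    print(run_local_check())
```

To apply this to the actual engine, import settlement_engine inside the `no_network()` block and drive its RuleParser and payout routine on a representative CSV; any outbound attempt becomes a NetworkAttempt instead of a quiet upload, and a None threshold stops the payout rather than producing a plausible-looking wrong number.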
Given these inconsistencies, treat the skill as suspicious until the author clarifies the AI invocation behavior and addresses the parsing and format-support issues.
Version: latest (vk976gxpkyjtnmk3dg7kbh00qmd84mj6j)
Runtime requirements: Clawdis