ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Haqq Content Workbench

v1.0.5

Create, verify, and package Islamic-ethics content by summarizing texts, checking sources, generating post variants, crafting questions, and archiving ideas.

0· 730·0 current·0 all-time
byMohammad@m7madash
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the actual instructions: the skill summarizes texts, checks sourcing, generates post variants, questions, and formats archive entries. All required inputs are local reference files included in the package; nothing requested appears unrelated to the stated purpose.
Instruction Scope
SKILL.md provides concrete, narrow runtime instructions (summarize, flag unverifiable claims, produce variants, questions, and a compact archive format) and points to the included reference files and templates. It does not instruct the agent to read unrelated system files, access environment variables, or transmit data to external endpoints.
Install Mechanism
No install spec and no code files — instruction-only. Nothing will be written to disk or downloaded by the skill itself during install, which minimizes supply-chain risk.
Credentials
The skill declares no required environment variables, credentials, or config paths. The instructions reference only the two included reference files and templates; there is no disproportionate or unexplained credential access.
Persistence & Privilege
always is false. The skill does not request permanent system presence or modify other skills. Autonomous invocation is permitted (platform default) but not combined with other high-privilege requests.
Assessment
This skill is internally consistent and low-risk from a technical standpoint because it is instruction-only and uses only the bundled reference files. Before installing, consider: (1) the source/owner is unknown and there is no homepage — if provenance matters to you, verify the author or prefer a known publisher; (2) review outputs for theological accuracy and bias (the included reference text enforces strict sourcing rules and conservative answers); (3) the skill will only use the included files, but the agent can call it autonomously (normal behavior) — disable or remove the skill if you do not want it invoked without a prompt; and (4) always verify any external citations the skill flags as "verified" before publishing, since the skill itself cannot fetch external documents or prove provenance beyond what you provide.

Like a lobster shell, security has layers — review code before you run it.

latestvk972841j8cf6y7trvyr1ejn8ed8224ae

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments