Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Beckmann Knowledge Graph

v1.1.0

A structured knowledge graph (392 entities and 599 Relations in version 1.0., 438 entities and 702 Relations in version 1.1.) that acts as a cognitive 'lens'...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto: Can make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name, description, and files (graph.json, SKILL.md) match: a knowledge-graph skill that provides reasoning lenses. No unrelated binaries, environment variables, or config paths are requested.
Instruction Scope
SKILL.md instructs agents how to load and apply the graph and states that they 'must understand' the framework prior to use, which is reasonable. However, the pre-scan flagged Unicode control characters in SKILL.md, a vector commonly used for prompt injection (hidden text-direction or control characters that alter how the text is interpreted). That makes the instruction content potentially manipulable and warrants manual inspection.
Install Mechanism
No install spec and no code to execute; this is instruction-only with static JSON and docs, which minimizes installation risk.
Credentials
Skill requests no environment variables, credentials, or config paths. The graph and docs are self-contained; requested access is proportionate to the stated purpose.
Persistence & Privilege
Skill is not forced-always and has default autonomy settings. It does not request persistent system-wide changes or access to other skills' configs.
Scan Findings in Context
[unicode-control-chars] unexpected: Hidden unicode control characters are not necessary for a knowledge-graph skill and can be used to perform prompt-injection (e.g., embed invisible re-direction or override instructions). Manual review of SKILL.md for such characters is recommended before enabling autonomous invocation.
What to consider before installing
This skill appears to be what it claims (a self-contained knowledge graph) and asks for no credentials or installs, which is good. However, the runtime instructions (SKILL.md) contain hidden unicode control characters detected by the scanner — a known technique for manipulating LLMs. Before installing or allowing autonomous use:

1) Open SKILL.md in a hex or raw-text viewer and remove/control any unexpected control characters (e.g., U+202E, U+200B, U+200E, other zero-width or directionality chars).
2) Inspect graph.json to ensure it contains only non-executable data you expect.
3) Run the skill in a restricted/sandboxed agent session (no access to secrets or external systems) to observe behavior.
4) Avoid passing sensitive data to the skill and do not grant long-lived privileged access until you are comfortable with the content and author provenance.

If you want, I can parse SKILL.md and highlight any non-printable characters and show their codepoints.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bdja8rcg6ahpqampe1mh2hn84k3vg
