ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

logseq article archive

v1.0.1

Build and maintain a persistent Logseq data architecture, based on the characteristics of bidirectional link technology, divided into three layers: raw data,...

0· 58·0 current·0 all-time
byHelloEric@mesopodamia
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (Logseq data architecture maintainer) aligns with the actions described: reading raw materials, generating index pages, health checks, and maintaining cross-references. Required binaries, env vars, and installs are empty, which is coherent for an instruction-only filesystem-focused skill.
!
Instruction Scope
SKILL.md and RULES.md instruct the agent to traverse the entire pages directory, create/update index/entity/concept pages, edit cross-references, run health checks, and create external links. This falls within the stated purpose but grants broad discretion to read and modify large parts of the user's Logseq repository. There is also a direct inconsistency: SKILL.md says raw materials are "immutable, read by LLM but never modified", while RULES.md says raw materials "may be modified as necessary". The skill also suggests filling data gaps via web search and 'external link creation' without specifying what endpoints or credentials are expected.
Install Mechanism
Instruction-only skill with no install spec, no downloaded code, and no binaries requested. Lower risk from install mechanisms because nothing is written by an installer, but runtime file modifications (per instructions) remain a behavioral risk.
Credentials
The skill declares no environment variables or credentials, which is appropriate. However, it expects access to the user's filesystem (logseq/pages/) and to be able to create files in index and log directories. That filesystem access is proportionate to the purpose but should be explicit to users — the skill doesn't enumerate required paths or ask for explicit permission in clear terms.
Persistence & Privilege
always:false (normal). The skill can be invoked autonomously by the agent (default). Combined with the instruction to scan and modify the entire pages directory, autonomous invocation expands the blast radius. This is not disqualifying but is worth user attention: autonomous runs could perform large-scale edits without granular consent.
What to consider before installing
This skill appears to do what it says (managing a Logseq pages/index), but it will read and potentially modify many files in your Logseq repository. Before installing: 1) Backup your Logseq data (or test in a copy/dedicated folder). 2) Clarify the raw-materials policy (SKILL.md says raw files are immutable; RULES.md says they may be modified). 3) Confirm exactly which paths the agent will read/write and whether it will create external links or perform web searches. 4) Limit the skill's workspace to a non-sensitive test directory until you trust its behavior. 5) If you want to avoid automated mass edits, disable autonomous invocation or require explicit confirmation for destructive operations. These steps reduce risk from unintended file modification or accidental exposure of sensitive content.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bc66nmtb8c5he4z1fqfry9d84temb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments