Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Shwuyechaxunhetongdaoqi
v1.0.0 Queries contract expiry information for property-management projects in Shanghai, extracts the contract term and the bid-award/evaluation date from tender announcements, calculates the contract expiry date and generates a CSV.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The skill claims to be a Python-based scraper/OCR pipeline and includes a Python script and Python library names in SKILL.md, but package.json lists Python libraries (requests, beautifulsoup4, pytesseract, etc.) as npm dependencies and also declares a dependency on another skill ('shwuyeyanjiu'). This mismatch between packaging metadata and runtime language is incoherent and suggests sloppy packaging or incorrect distribution metadata. The code also expects another skill's scripts to exist at a relative path ('../../shwuyeyanjiu/scripts') which is not declared as a required skill or dependency in a way the platform enforces.
Instruction Scope
The SKILL.md instructs the agent to download PDFs, run OCR (pytesseract), convert PDFs to images (pdf2image), and parse dates — all reasonable for the stated purpose. However: (1) OCR requires external native binaries (Tesseract) and pdf2image typically needs poppler; the skill declares no required binaries, so required system-level dependencies are omitted. (2) The included script alters sys.path to import code from a sibling skill ('shwuyeyanjiu'), which means it will read/execute code outside this skill's directory — a cross-skill dependency that isn't clearly declared or sandboxed. Both issues expand the runtime scope beyond what's explicitly stated.
Install Mechanism
There is no install spec (instruction-only + small script), which is lower-risk. However, package.json is present and inconsistent with a Python runtime (it lists Python libs under 'dependencies' and references a repository URL). The SKILL.md suggests using an environment/tool ('uv run' and 'uv sync') to install/run dependencies; it's unclear what 'uv' will do and whether it will fetch native binaries. This ambiguity increases operational risk but is not necessarily malicious.
Credentials
The skill does not request any environment variables, credentials, or config paths. Its data sources are publicly listed (a Shanghai government announcements site). There are no obvious requests for unrelated secrets or cloud credentials.
Persistence & Privilege
The skill does not request always:true and is user-invocable only. It does not attempt to modify other skills' configurations in the files provided. The main concern here is cross-skill import (sys.path insertion), which increases the effective trusted surface but is not the same as requesting elevated platform privileges.
What to consider before installing
What to check before installing or running this skill:
- Packaging mismatch: package.json lists Python libraries and a dependency on 'shwuyeyanjiu' even though this is a Python-based skill. Confirm how dependencies are actually installed on your platform (what 'uv sync' / 'uv run' does) and whether package.json is meaningful here.
- Native binaries: OCR and pdf2image require native tools (Tesseract, poppler). Verify these are available or will be installed and that you trust the source that will install them.
- Cross-skill import: the script modifies sys.path to import code from a sibling skill (shwuyeyanjiu). Inspect the code of that other skill before running this one — it could execute additional logic or access data you didn't expect. The repository did not include shwuyeyanjiu, so you should obtain and review it or sandbox execution.
- Source provenance: the skill's homepage is 'none' and source is 'unknown'. If you plan to run it, prefer running inside a restricted environment (container or VM) and review the full code of any referenced skill (shwuyeyanjiu) and any install scripts 'uv' would run.
- Operational safety: run one district first and inspect CSV output; ensure no unexpected network calls to endpoints outside the listed government site. If you need help, ask the author for a clear install/run guide (how dependencies and native binaries are installed) and for the code of the referenced shwuyeyanjiu skill.
Given the packaging and dependency ambiguities, treat this skill as potentially safe in intent but operationally sloppy — review the missing pieces and the other skill it depends on before trusting it with real data or broad permissions.
