Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
party-planner-pro
v1.0.0
Plan, manage, and track every aspect of your event—guest lists with dietary needs, budgets, menus, timelines, vendors, day-of logistics, and post-party wrap-up.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
Name, README, SKILL.md, dashboard spec, and included scripts align: guest management, budgets, exports, and a local dashboard. Declared dependencies (Python 3.8+, optional Playwright) and no requested env vars match the stated capabilities.
Instruction Scope
SKILL.md focuses on event data and includes explicit prompt-injection defenses (treat imports as data). However, the setup flow asks the user/agent to paste a shell block into the chat to copy files and run scripts; this executes local shell scripts shipped in the package, so inspect them first. The pre-scan detected 'ignore-previous-instructions' phrases (expected, used in the defense text) and unicode-control-chars (unexpected; could hide content).
Install Mechanism
No remote download/install spec; the package is instruction-only but contains local shell/Python scripts that the setup prompt copies and runs. That is lower-risk than fetching remote archives, but running scripts from an unknown source still requires inspection.
Credentials
The skill requests no environment variables or credentials and only mentions optional local tooling (Python, Playwright). The requested access (creating files under skills/party-planner-pro and writing JSON data under data/) is proportionate to its purpose.
Persistence & Privilege
always:false and normal autonomous invocation settings. The setup writes files into the agent workspace (skills/party-planner-pro/data/), which is expected for a local skill. No evidence the skill modifies other skills or system-wide configs.
Scan Findings in Context
[prompt-injection-ignore-previous-instructions] expected: SKILL.md intentionally references phrases like 'Ignore previous instructions' as examples to instruct the agent to ignore such injected content. The detector flagged those phrases, which is expected because the skill includes explicit injection-defense language.
[unicode-control-chars] unexpected: Unicode control characters were detected in SKILL.md content. These are not normally needed for a planner and can be used to obfuscate or hide text (e.g., to bypass simple scanners). Recommend inspecting the raw file for invisible/control characters and confirming they are benign.
What to consider before installing
This skill appears coherent for a local party-planning tool, but take basic precautions before installing or running its setup scripts:
1) Inspect the raw SKILL.md, scripts/setup.sh, scripts/export-plan.sh, and scripts/budget-report.sh for any unexpected commands, network calls, or hidden characters; the scanner found unicode control characters that deserve manual review.
2) Do not paste the provided setup block into a live agent/chat without first reading the scripts; instead run the setup commands manually in a controlled environment (or a throwaway VM/container) so you can see what executes.
3) Verify setup.sh does not download code or transmit data externally; if you need remote/visual reports, only install Playwright after confirming its use.
4) Back up your workspace before installing and keep any guest/contact data in a location you control; consider full-disk encryption if storing sensitive contact/health info.
5) If you are not comfortable auditing shell/Python code, ask someone with shell experience to review the scripts for hidden/obfuscated content before running them.
Following these steps will reduce risk while preserving the functionality the package claims to provide.
Finding at SKILL.md:20: Prompt-injection style instruction pattern detected.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.
