ClawHub

Pattern Matching

v1.0.0

Provides patterns for detecting sensitive data like API keys, credit cards, emails, SSNs, phone numbers, and IPs for authorized security testing and validation.

0· 103·0 current·0 all-time
by@pandaai-1337
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description claim pattern lists for detecting sensitive data; the shipped files are pattern/grep lists (API keys, credit cards, emails, SSNs, IPs, etc.) that directly match that purpose. No unrelated credentials, binaries, or configuration are requested.
Instruction Scope
SKILL.md only documents the collection, its source (SecLists GitHub), usage examples for reading the local reference files, and ethical use guidance. It does not instruct the agent to read unrelated system files, exfiltrate data, call external endpoints, or access environment variables beyond local file reads.
Install Mechanism
There is no install spec and no code to run; this is instruction-only with included reference files. Nothing is downloaded or executed by the skill at install time.
Credentials
The skill declares no required environment variables, credentials, or config paths. The content contains strings that match dangerous functions/backdoor indicators (expected for detection lists) but no request for secrets or unrelated service tokens.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or system settings, and contains no installation scripts or components that would persist beyond the provided reference files.
Assessment
This skill is a static collection of detection patterns (from SecLists) and appears coherent for authorized security testing. Before installing: (1) Confirm you have permission to scan any target systems — the SKILL.md correctly warns about authorized use; (2) Verify provenance if provenance matters (source/homepage is marked 'unknown' though the SKILL.md points to the SecLists GitHub and MIT license); (3) Review the pattern files to ensure they match your use case and to avoid running them against sensitive production data unintentionally; (4) If you need the latest or full SecLists, consider pulling directly from the official GitHub repo rather than an unknown registry package.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cewbym16hxn5j0n3c6ytm8983bmvv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments