ClawHub

Contract Analyzer

v1.0.0

Analyze and review contract documents. Use when extracting key clauses, detecting high-risk terms, comparing two contracts, generating a contract summary, or...

0· 20·0 current·0 all-time
by@pressbytesagain
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (contract analysis, clause extraction, comparison, risk scoring, summary) matches the provided scripts and SKILL.md. The scripts implement analyze, risk, compare, summary, and checklist functionality using local file parsing and pattern matching; nothing requested appears extraneous to that purpose.
Instruction Scope
SKILL.md instructs the agent to run the bundled scripts against user-supplied files. The scripts only read the input files provided as arguments, perform local text processing with Python regex/difflib, and print results. They do not reference system config paths, other users' data, or external endpoints. The scripts do use temporary environment variables (e.g., _CR_FILE) to pass filenames into heredocs but only for the current invocation.
Install Mechanism
No install spec is present (instruction-only behavior with bundled scripts). The code shipped is simple Bash + Python using standard library; there are no downloads, package installs, or extracted archives that would write arbitrary external code to disk at install time.
Credentials
The skill declares no required environment variables, credentials, or config paths. The code does not attempt to read unrelated environment variables or external credentials. All file access is to files explicitly provided by the user as command arguments.
Persistence & Privilege
The skill is not always-enabled and does not request elevated persistence. It does not modify other skills or system-wide configuration; it only runs on demand when invoked and uses ephemeral environment variables during execution.
Assessment
This skill appears to be a straightforward local contract analysis toolkit: it runs the included Bash/Python scripts on files you provide and does not request credentials or call external services. Before installing or running: (1) review the bundled scripts (you already have them) and verify they will only be run on files you explicitly pass; (2) run the tool on non-sensitive sample files first, and if you will analyze confidential contracts, run it on copies in a controlled environment; (3) if you need networked/legal-review features, check for a trustworthy upstream provider instead of relying on this local-only tool.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ftv7ej5crrqwpfvwxr6fnzs851aen

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments