Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
.Chef Complete Test
v1.0.0专业厨师对话食谱生成技能:完整的交互式食谱生成工作流,模拟专业厨师与AI审查的完整流程。使用场景:当用户询问'我想吃XXX,作为一个专业的厨师,你会怎么做?'时,提供专业厨师视角的详细烹饪指导。
⭐ 0· 209·0 current·0 all-time
by渡鸦大人@puppetcat-fire
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill claims a multi-stage generator (chef-dialog.sh, AI analysis scripts, finalize scripts) but the archive only contains SKILL.md, install.sh, and package.json. The SKILL.md lists many scripts that would be required for the described functionality; those files are not present in the provided manifest. Requiring only bash is consistent with the stated shell-script implementation, but the packaging is incomplete/incoherent.
Instruction Scope
SKILL.md instructs the agent to run local scripts (./chef-dialog.sh etc.) that would implement the generation→analysis→optimize flow. Because those scripts are not present, it's unclear what will actually run. Additionally, a prompt-injection scanner flagged 'unicode-control-chars' in SKILL.md, which can be used to manipulate LLM behavior or hide content — this is a warning sign and should be investigated.
Install Mechanism
The installer is a local Bash script (no network downloads), which is lower risk than remote installs. The install script copies the skill into ~/.openclaw/workspace/skills, creates an output dir, and sets file permissions. However, the installer calls chmod on many scripts and will fail (set -e) if those files are missing — indicating the package is incomplete and could cause unexpected failures during install.
Credentials
The skill requests no environment variables or credentials and only requires bash/coreutils. There are no disproportionate credential requests.
Persistence & Privilege
always is false and the installer copies files into the user's OpenClaw skills directory (~/.openclaw/...), which is expected for a skill. It does not request system-wide privileges or modify other skills' configs in the provided scripts.
Scan Findings in Context
[unicode-control-chars] unexpected: The SKILL.md contains unicode control characters flagged by the scanner. These characters can hide or alter text for downstream LLMs (prompt injection) or conceal content. This is not expected for a simple cooking-skill README and should be inspected/removed before installing.
What to consider before installing
Do not run the installer on a production system yet. The package is missing the core scripts (chef-dialog.sh and many others) that the README advertises, so the archive is incomplete or incorrectly packaged. Also the SKILL.md contains hidden unicode-control characters (a prompt-injection signal). Ask the author for the complete source or obtain the code from the declared GitHub repo, then: 1) inspect the actual chef-dialog*.sh and analyze-recipe*.sh scripts for network calls or credential use, 2) verify there are no hidden control characters in SKILL.md (remove them), 3) run install.sh in a sandboxed environment (VM or container) and review what it writes to ~/.openclaw before trusting it, and 4) avoid executing the installer as root. If the author cannot supply the missing scripts or a canonical repository link with full sources, treat this package as untrusted.Like a lobster shell, security has layers — review code before you run it.
latestvk970drqz7ks0mrksxnybbjzv7982tzf1
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
👨🍳 Clawdis
Binsbash