Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Novel Character Profile Builder

v1.0.0

Novel Character Profile Builder (小说人物档案创建工具) — A bilingual CN/EN skill for creating structured, detailed character profiles for fiction writing. Generates co...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The code files (profile generator, conflict detector, lore-bible manager, session manager, analyze/validate scripts) match the declared purpose of creating, validating, scanning, and managing character profiles. Templates, example assets, and workflow configs are coherent with a fiction-authoring tool.
Instruction Scope
SKILL.md explicitly tells the agent to 'access user work directory and switch to that directory' and the enhanced features scan existing profiles, create directories, save temp files, and can move files into a final Characters directory. These behaviors are plausible for a workspace manager, but they require filesystem read/write access to user paths. The documented --no-confirm / non-interactive options allow writing/moving files without user confirmation, increasing risk if invoked incorrectly.
Install Mechanism
No install spec is declared (instruction-only at registry level), so risk from downloads is low. However the package contains many Python scripts (no packaging/install specification), so running the skill will depend on executing local Python code. There is no declared dependency management or sandboxing — users should expect to run Python scripts from the repo.
Credentials
The skill requests no environment variables or external credentials, which is proportionate. A possible concern: validation rules/config include condition strings (e.g., 'age.isdigit() and not (0 <= int(age) <= 150)') that the code may evaluate at runtime — if the code evaluates condition text from config, a modified rules file could cause execution of arbitrary expressions. Review how rules/conditions are evaluated before trusting unvetted rule files.
Persistence & Privilege
always:false and no claimed modification to other skills. The skill legitimately writes files within a user-specified workspace and persists session state; this is expected. Still, the ability to run non-interactively (--no-confirm) and to create/modify directories in arbitrary paths increases the blast radius if the agent is invoked without careful workspace restrictions.
What to consider before installing
This skill appears to implement the stated character-profile and LoreBible management features, but it operates on the user's filesystem and can create/move files. Before installing or allowing autonomous invocation:
1) Inspect scripts locally (especially lore_bible_manager.py, profile_session.py, conflict_detector.py) for any eval/exec of config strings or unexpected network calls;
2) Run the code in a sandbox or test workspace (not your home directory) to confirm behavior;
3) Avoid using or exposing --no-confirm until you trust the code — prefer interactive confirmation;
4) If you plan to point --workspace at an existing directory, make a backup first;
5) If you need higher assurance, ask the author for a package with explicit dependency and import paths and/or a minimal reproducible example demonstrating safe rule evaluation.
If you want, I can scan the remaining truncated script sections for eval/exec or network usage and highlight exact lines of concern.

Like a lobster shell, security has layers — review code before you run it.
