ContractAI Pro
ReviewAudited by ClawScan on May 13, 2026.
Overview
The skill appears to run local contract-review and contract-generation scripts, but it substantially overstates professional AI/legal capabilities compared with the visible rule-based implementation.
Use this only as a basic local contract checklist and template generator. Do not treat its output as professional legal advice, provide only contract files you intend it to read, save reports in safe locations, and verify important contracts with a qualified lawyer.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user could rely on a simple automated checklist as if it were a professional legal review, potentially missing important contract risks.
These are strong professional legal/AI/OCR/coverage claims. The supplied scripts visibly implement local rule matching and templates rather than the advertised LLM, real-time legal database, OCR, or broad-format processing, which may lead users to over-trust the output.
风险覆盖率 ... 95%+;🤖 基于大语言模型;📚 内置完整法律法规数据库;📊 百万级合同训练数据;🔄 实时更新法律条文和判例;💾 支持多种格式:PDF/Word/TXT/图片;🌐 OCR识别扫描件合同
Treat this as a basic local helper only, require clearer capability disclosures from the publisher, and consult qualified legal counsel for important contracts.
If pointed at the wrong file or output path, the tool could read unintended local content or overwrite/create a report in an unintended location.
The review script reads a user-specified contract file and can write a report to a user-specified path. This is expected for contract review, but it is still local file access that should remain user-directed.
parser.add_argument('--file', '-f', required=True, help='合同文件路径') ... parser.add_argument('--export', '-e', help='导出报告文件路径') ... open(file_path, 'r', encoding='utf-8') ... open(args.export, 'w', encoding='utf-8')Only run it on intended contract files and choose report/output paths carefully.
Users have less ability to verify who maintains the skill or whether future versions match the reviewed artifacts.
The package has limited provenance information. The visible code and static scan do not show suspicious install behavior, but users have little external source context to verify the publisher or implementation history.
Source: unknown; Homepage: none
Review the included scripts before use and prefer packages with a verifiable source repository or publisher documentation.