ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Context Compressor

v1.1.0

Context Compressor — Real-time conversation context compression engine. Activates when user says "compress context", "压缩上下文", "上下文爆了", "context full", "上下文瘦身...

0· 76·0 current·0 all-time
byGao.QiLin@relunctance
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill claims to be a pure-Python context compressor with a CLI (hawk-compress) and no external credentials or binaries required, which is reasonable. However README/SKILL.md and the install script expect a hawk-compress executable under scripts/ to be symlinked into ~/bin, but the file manifest does not include that executable — only scripts/install.sh is present. That missing binary is a clear mismatch between claimed capabilities and the provided files.
!
Instruction Scope
SKILL.md and references describe automatic triggering (every 10 rounds, threshold checks, blocking writes at high thresholds) and say compression will write a history file (memory/today.md). The instructions do not show how auto-trigger integrates with the agent/platform (no hook code or manifest integration), and they assume file writes to a 'memory' path. The runtime instructions also recommend modifying the user's shell (~/.bashrc) via the installer. These behaviors go beyond simply reading an input chat history and are not fully specified in the package.
!
Install Mechanism
There is no formal install spec, but an included scripts/install.sh will append to ~/.bashrc (adding ~/bin to PATH) and create a symlink from $SCRIPT_DIR/hawk-compress to ~/bin/hawk-compress. That is intrusive (modifies user shell startup files) and will fail or be misleading because the referenced hawk-compress file is missing from the manifest. The installer links from a relative path in the package directory, which could be harmless if the executable existed, but as-is it indicates incomplete packaging and risky modification of user config for no clear benefit.
Credentials
The skill requests no environment variables or credentials, which is proportional and good. However it writes compression history to memory/today.md (per README/structured-output) and modifies shell config via the installer; those side-effects are not declared in requires.config and should be considered by users, though they are not secret-exfiltration risks on their face.
Persistence & Privilege
always is false and the skill does not request elevated platform privileges. The installer creates persistent artifacts (~/bin/hawk-compress symlink and an appended PATH entry in ~/.bashrc) and the tool writes compression history to memory/today.md. These are persistent but limited to user files; still, modifying ~/.bashrc is a persistent change and should be made explicit and handled with caution.
What to consider before installing
Do not install this package yet. Specific issues to check before proceeding: - Missing executable: README and install.sh expect a scripts/hawk-compress file but the manifest does not include it. Ask the publisher for the missing executable or full source code. Installing the provided install.sh as-is will create a broken symlink. - Installer side-effects: the install script appends to your ~/.bashrc and creates ~/bin/hawk-compress. If you accept, be prepared to undo changes to ~/.bashrc and remove the symlink. Inspect the install.sh and run it manually in a controlled environment (or edit it) rather than running it automatically. - File writes: the tool claims it will write compression history to memory/today.md — confirm where that path is (skill workspace vs your home) and whether you are comfortable storing compressed conversation content on disk. - Auto-trigger behaviour: the SKILL.md describes automatic threshold checks and blocking writes, but there is no code showing how the skill integrates with the agent runtime. Verify how (and where) the auto-trigger hook runs; otherwise automatic prompting/blocking may not actually function or may rely on out-of-band integration. If you need the functionality, request the missing hawk-compress script or a packaged release (e.g., a complete wheel or single script) and a clear install manifest. Until the package is complete and the install effects are explicit, treat this skill as untrusted and test it in a sandboxed environment first.

Like a lobster shell, security has layers — review code before you run it.

agentvk97b8fjjnhcars7sr3s9jxqkt183rjf3aivk97b8fjjnhcars7sr3s9jxqkt183rjf3compressionvk97b8fjjnhcars7sr3s9jxqkt183rjf3contextvk97b8fjjnhcars7sr3s9jxqkt183rjf3context-compressionvk978zvr0zeq3mrnfjx5rnmynz983sx4hhawkvk97b8fjjnhcars7sr3s9jxqkt183rjf3latestvk97b8fjjnhcars7sr3s9jxqkt183rjf3openclawvk97b8fjjnhcars7sr3s9jxqkt183rjf3tokenvk97b8fjjnhcars7sr3s9jxqkt183rjf3

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments