ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Geo Shield

v1.0.0

检测网页是否含有针对 AI 的 GEO 投毒虚假信息,提供可信度评分与详细风险分析报告。

0· 50·0 current·0 all-time
by@rfdiosuao
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The name/description promise: fetch and analyze arbitrary HTTP/HTTPS pages and produce trust reports. The shipped handler (src/dist) does NOT fetch the URL: it uses a hard-coded sampleContent and contains a comment '模拟内容获取(实际需要集成 web_fetch)'. There are no required env vars or network integration declared. This is a functional mismatch — the skill as shipped cannot perform its primary advertised function without additional integration or modification.
Instruction Scope
SKILL.md and README instruct users to invoke with a URL and imply full analysis of that page. The runtime instructions do not ask the agent to read unrelated files or credentials. However they are misleading because the implementation currently analyzes only example text rather than fetching the provided URL, so users will be surprised by the limited behavior.
Install Mechanism
No install spec and no external downloads; code is provided in the package. package.json has no runtime dependencies. This lowers install risk. No external URLs or archive extraction are used by the skill itself.
Credentials
The skill requests no environment variables, no credentials, and no config paths. The code does not call external endpoints or attempt to read environment secrets. From a credential/access perspective the requirements are minimal and proportionate.
Persistence & Privilege
No elevated privileges requested. always:false and normal invocation behavior. The skill does not modify other skills or system settings. It does not persist data according to README and code (no file writes observed).
What to consider before installing
What to consider before installing: - Functionality gap: The code in src/index.ts/dist/index.js does not fetch the target URL; it analyzes a hard-coded sampleContent. If you expect real webpage analysis, this skill as shipped will not do that — it is effectively a demo. You would need to (a) integrate a safe page-fetcher (for example the platform's sanctioned web_fetch API) or (b) modify the handler to accept fetched page content before trusting results. - Low security surface: There are no external network calls, no required secrets, and no install script. That means the immediate security risk is low, but also explains why it cannot analyze real pages. - Code quality issues: The implementation includes some problematic constructs (e.g., regexes that look like incorrect alternation patterns, and object keys with spaces such as 'GEO 检测' that may cause runtime/compilation errors). These bugs may break the skill in real use and lead to incorrect scores. - If you want to use it in production: review and fix the page-fetch integration to use the platform-approved web fetch mechanism, run the included tests locally, fix the regexes and object property naming, and re-audit before granting any network privileges. Test the skill in an isolated environment first. - If the author provides an update or documentation showing safe, explicit web-fetch integration (and the code is corrected), that would reduce concerns. As-is, treat this as a demonstration/example rather than a drop-in tool for real webpage analysis.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fbpb2w48aaftg9fsym6ay2d84b13v

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments