Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cca Quiz

v1.0.0

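CCA mock quiz: 12 scenario questions covering all 5 domains. Use when the user says "CCA测验" (CCA quiz), "模拟考试" (mock exam), "cca quiz", or "测试CCA水平" (test my CCA level).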

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name, description, and the questions/flow in SKILL.md match: this is a 12-question CCA mock exam that presents one question at a time, scores answers, and provides explanations. The skill requests no env vars, binaries, or installs, which is consistent with an instruction-only quiz.
Instruction Scope
The SKILL.md includes an 'allowed-tools: Read, Bash' header but the quiz content itself requires only conversational Q&A. Granting Read and Bash is unnecessary for the described interaction and would allow the agent to read files or execute shell commands if honored at runtime. The instructions do not explicitly direct the agent to read local files or run shell commands, so this appears to be an unnecessary expansion of scope and a potential misuse vector.
Install Mechanism
No install spec and no code files — the skill is instruction-only. This is the lowest-risk install profile and is proportional to the stated purpose.
Credentials
No environment variables, credentials, or config paths are requested. This is proportionate for a quiz skill.
Persistence & Privilege
always is false and disable-model-invocation is default (false); nothing requests permanent or elevated presence. The skill does reference other skills via '/cca-domainN' recommendations, but that's an in-domain usability feature rather than a privilege escalation.
What to consider before installing
This skill appears to implement the claimed CCA mock exam and is instruction-only, which is good. However, it unnecessarily declares allowed tools 'Read' and 'Bash' in the SKILL.md header — a quiz needs only conversational interaction and should not require file reads or shell access. Before installing, consider asking the publisher to remove those tool permissions or confirm they won't be granted at runtime. If you proceed, only enable the skill in a restricted environment (or with limited tool permissions) so the agent cannot run arbitrary shell commands or read local files. If you cannot confirm a change, treat the 'Read/Bash' allowance as a risk and prefer not to install.

Like a lobster shell, security has layers — review code before you run it.
