ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Patent Writer

v1.1.0

中文专利交底书撰写助手。支持两种模式:(1) 方向模式:用户给出技术方向,自动搜索并推荐创新点供选择;(2) 明确想法模式:用户已有明确发明构思,直接进入撰写流程。触发词:写专利、专利撰写、专利交底书、发明点推荐、帮我写个专利。

1· 154·0 current·0 all-time
by@sherww
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description and instructions align: the skill performs literature search (via arxiv/research-lit/web_search), extracts innovations, drafts sections to a specified template, and converts Markdown to DOCX using pandoc. The included md2docx.sh matches the stated docx generation step. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md asks the agent to call external retrieval skills (arxiv, research-lit, web_search) and to produce large amounts of technical detail. That is consistent with the purpose, but behaviour depends on the invoked retrieval skills (their data handling/privacy). The skill explicitly warns not to fabricate sources. It references an example workspace path only as output location; it does not instruct reading arbitrary system files or environment variables.
Install Mechanism
No install spec is provided. The only executable artifact is a small bash script (md2docx.sh) that invokes pandoc; it is local, readable, and not fetched from a remote URL. No downloads, archives, or unusual install actions are present.
Credentials
The skill declares no required environment variables, no primary credential, and no config paths. package.json lists pandoc as a required system tool and lists optional skills (arxiv, research-lit), which is proportionate to its function. There are no requests for unrelated secrets or tokens.
Persistence & Privilege
always is false and disable-model-invocation is false (normal). The skill does not request persistent system-wide changes or modify other skills' configs. It operates within its own workspace/files as described.
Assessment
This skill appears internally consistent with being a Chinese patent-drafting assistant. Before installing, consider: (1) Privacy of draft content — the skill uses external retrieval skills (arxiv, research-lit, web_search); confirm those skills' data handling before sending confidential invention details to them. (2) Pandoc availability — md2docx.sh calls pandoc, so ensure pandoc is installed if you need DOCX export. (3) Provenance — the package has no homepage and an unknown owner; if provenance or license matters, request source/author info. (4) Legal/IP risk — drafting patent claims is legally sensitive; have a qualified patent attorney review outputs. If you need higher assurance, inspect the referenced retrieval skills (arxiv, research-lit, web_search) and confirm they do not exfiltrate inputs beyond expected web queries.

Like a lobster shell, security has layers — review code before you run it.

latestvk9713vp4w15k3pfc26d13apws183apwm

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments