Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
01 Tomato Ip Parse
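v1.0.5
Professionally parses Tomato Novel (番茄小说) IP content, extracting the worldbuilding, character profiles, core conflicts and payoff moments, and performs an initial content-compliance check to support AI script adaptation.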
⭐ 0· 99·1 current·1 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description, SKILL.md, manifest, and code all align: the skill sends novel_title/novel_text to a configurable LLM (API_KEY, API_BASE, MODEL_NAME) and returns structured IP info. However, the skill advertises a 'content compliance initial check' but the implementation always returns { is_safe: true, risk_words: [] } (a stub), so the compliance capability is effectively unimplemented.
Instruction Scope
The runtime instructions and code instruct the agent to transmit the full novel_text and title to the configured API_BASE endpoint. SKILL.md does not warn about sending potentially sensitive or copyrighted text to an external LLM. The compliance_check promised in the spec is not performed by the code (it's a hardcoded safe result), which is a scope/feature mismatch.
Install Mechanism
There is no install spec (instruction-only plus a small JS entry), so nothing is downloaded or written to disk beyond the skill's own code. No suspicious install URLs or extract steps are present.
Credentials
The skill requires three environment variables (API_KEY, API_BASE, MODEL_NAME), which are appropriate for a generic LLM-backed skill. Be aware that providing these will cause your full submitted text to be sent to the configured service; ensure the API_BASE and provider privacy/retention policies are acceptable for copyrighted or sensitive content.
Persistence & Privilege
always is false and the skill does not request elevated or persistent system privileges. It does not modify other skills' configs or system-wide settings.
What to consider before installing
This skill is mostly coherent but has two practical concerns: (1) it will transmit the entire novel text you provide to whatever API endpoint (API_BASE) you configure, so only use a trusted LLM provider or avoid sending copyrighted/sensitive text; (2) the 'compliance_check' promised by the description is a no-op in the code (always returns is_safe:true), so do not rely on it for real content-safety screening. Additional small issues: manifest version differs from registry version (cosmetic) and the code lacks error handling when parsing model output. If you plan to install, verify the API_BASE you set, consider adding a real compliance step or local screening before sending text, and test with non-sensitive inputs first.
Like a lobster shell, security has layers: review code before you run it.
