Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Knowledge Base
v1.0.1全AI公司共享知识库接口。统一管理运营记录、战略文档、审计日志,支持跨Agent知识检索与共享状态同步。
⭐ 0· 38·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The described purpose (shared KB, audit logs, handoff, IMA sync) aligns with the functions shown in SKILL.md (read/write state, audit, handoff). However the SKILL metadata declares no required config paths or credentials while the runtime instructions assume a specific local workspace path (C:\Users\Admin\.qclaw\...) and an external IMA integration; that mismatch is unexpected.
Instruction Scope
SKILL.md explicitly instructs reading and writing many sensitive files (CEO decisions, financial audit, security state, shared-state JSONs and audit logs) and shows code that writes to and enumerates a hard-coded local path. It also references an IMA 'notify_subscribers' hook (commented) implying network notification/external sync. The instructions grant broad discretion to access and modify sensitive organization data but do not declare or constrain where/when that happens.
Install Mechanism
There is no install spec and no code files executed by installer (instruction-only). That minimizes installation risk because nothing is downloaded or written at install time.
Credentials
The skill requests no environment variables or credentials, yet describes integration with an external IMA (Tencent) and shows code that would perform network notifications if implemented. There is no declared place to store or use API keys, nor are config paths declared even though the SKILL.md reads from and writes to a specific local workspace. Asking to handle highly sensitive data (financial, legal, security logs) without specifying access controls or credentials is disproportionate and ambiguous.
Persistence & Privilege
The skill is not always-enabled and does not request platform-level privileges. It does instruct writing files under a workspace path (local persistence), which is expected for a knowledge-base skill, but it does not attempt to modify other skills or global agent configuration in the provided instructions.
What to consider before installing
This skill appears to implement a company knowledge hub by reading and writing many sensitive local files and (optionally) notifying an external IMA service, but its package metadata does not declare the config paths or credentials needed. Before installing or enabling it: (1) confirm the intended deployment environment — SKILL.md hard-codes a Windows path (C:\Users\Admin\...) and may not work or may target the wrong filesystem on other OSes; (2) require the author to specify where IMA endpoints and API credentials are stored and to declare any required config paths or env vars; (3) restrict which agents may invoke it and audit all reads/writes to sensitive directories; (4) inspect any actual code run by the agent (notify_subscribers or network calls) to ensure no unauthorized exfiltration; (5) if you cannot verify those details, treat the skill as untrusted and do not grant it access to sensitive company data or let it run autonomously.Like a lobster shell, security has layers — review code before you run it.
latestvk972ey5v0947kwsfk2d94ak8sx84nsnh
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🗄️ Clawdis
OSLinux · macOS · Windows