ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Blind Review Sanitizer

v1.0.0

Use blind-review-sanitizer for academic writing workflows that need structured anonymization, explicit assumptions, and clear output boundaries for double-bl...

0· 23·0 current·0 all-time
byAIpoch@aipoch-ai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
Name/description match the delivered assets: an instruction-only skill that packages a local Python script (scripts/main.py) to perform anonymization. The presence of a .py implementation and text/docx handling is consistent with the stated purpose. Minor inconsistency: requirements.txt lists 'docx' while SKILL.md and runtime expect 'python-docx' (the import used is 'from docx import Document'), which can cause confusion or failed installs.
!
Instruction Scope
SKILL.md instructs the agent/operator to validate input/output paths and avoid ../ traversal, and to edit an in-file 'CONFIG' block if present. The shipped code does not appear to expose or require a CONFIG block (SKILL.md’s reference may be generic/incorrect). The code will read arbitrary input files and write outputs; I did not find enforced path sanitization or explicit checks preventing reading/writing outside a workspace. For a file-processing tool this behavior is expected, but because the instructions encourage editing paths and the implementation doesn't enforce path constraints, there is a risk of accidental overwrite or reading sensitive files if the user/agent provides a malicious path.
Install Mechanism
No install spec; this is instruction-only with a bundled Python script. That is low-risk from an installation-execution standpoint because nothing is downloaded at install time. However, running the script will require local Python and the python-docx package for .docx processing.
Credentials
The skill requests no environment variables, no credentials, and no config paths. That is proportionate to its stated purpose of local anonymization.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request permanent presence or elevated agent-wide privileges. Autonomous invocation is allowed by default but is not combined with other privilege escalations.
What to consider before installing
This skill appears to be a legitimate local anonymizer, but review these before running: 1) Dependency name mismatch — the script imports 'docx' (python-docx). Ensure you install the correct package (pip install python-docx) and test on a non-sensitive sample. 2) Inspect the script before execution to confirm there are no network calls or hidden behaviors (the provided code shows no network I/O). 3) Provide only trusted input/output paths and run in an isolated or disposable workspace to avoid accidental reading of sensitive files or overwriting important data; the script does not enforce path restrictions. 4) Expect imperfect results — manual review is required before submission. If you need higher assurance, run python -m py_compile scripts/main.py and examine the CLI argument handling section (not fully visible in the truncated file) to confirm how input/output paths are handled and whether the script can overwrite files without prompts.

Like a lobster shell, security has layers — review code before you run it.

latestvk97egscahme0we4wkpwr3khx89843ztp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments