ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Calculus Concept Visualizer

v1.0.0

基于多表征理论和动态可视化的微积分概念理解助手,专门解决ε-δ定义、导数本质、积分思想等核心难点的理解困难。 通过 GeoGebra 交互演示、认知诊断、即时检测,实现从具体直观到抽象形式化的渐进式学习。

0· 74·0 current·0 all-time
bymath@daigxok

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for daigxok/calculus-concept-visualizer.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Calculus Concept Visualizer" (daigxok/calculus-concept-visualizer) from ClawHub.
Skill page: https://clawhub.ai/daigxok/calculus-concept-visualizer
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install calculus-concept-visualizer

ClawHub CLI

Package manager switcher

npx clawhub@latest install calculus-concept-visualizer
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (calculus visualization, ε-δ, derivative, integrals) match the provided code and templates: GeoGebra config generator, interactive plotting, misconception detector, quiz generator and step builder. The included Python tools and prompts are coherent with the stated educational goals.
!
Instruction Scope
SKILL.md declares allowed-tools (Bash, Python, FileWrite) and calls the local Python tools to generate visuals and quizzes — that's expected. However the instructions and tool implementations include automatic file operations (auto_save_visualizations = true in hermes.config.yaml) and several places where user-supplied mathematical expressions are passed to eval(), allowing arbitrary Python execution if an attacker or malformed input supplies code. The skill also embeds prompts and templates (system/prompts) which include a pre-scan 'unicode-control-chars' prompt-injection signal. The SKILL.md requests OPENCLAW_SKILLS_PATH (requires-env) while the registry metadata lists no required env vars — an inconsistency.
Install Mechanism
No install spec in registry (no packaged install), README suggests installing via OpenClaw CLI and Python deps via pip; requirements.txt exists and lists numpy/matplotlib/plotly/sympy/pandas/pytest but code imports scipy in plot_interactive while scipy is not listed — dependency mismatch. There are no remote download URLs or archives in the install flow, which reduces supply-chain risk, but missing declared deps and manual install instructions mean the runtime environment could differ from what's expected.
!
Credentials
Registry metadata reports no required environment variables, but SKILL.md's frontmatter lists requires-env: OPENCLAW_SKILLS_PATH (inconsistency). No cloud credentials are requested — good. Hermes config references a model provider (deepseek) but no API key variables are declared. Overall no excessive credentials requested, but the mismatch in declared env vars and the skill's configuration should be resolved before trusting runtime behavior.
Persistence & Privilege
always:false (not forced globally) and model invocation is allowed (normal). The skill's hermes.config enables auto_save_visualizations and file_operations capability which cause files/images to be written to disk automatically; this is reasonable for a visualization tool but increases persistence footprint and may write files into the agent's working directories (verify target path). The skill does not request modification of other skills' configs.
Scan Findings in Context
[unicode-control-chars] unexpected: SKILL.md contained prompt-injection indicators (unicode control characters). This is not expected for an education visualization skill and could be an attempt to influence agent parsing; inspect the SKILL.md raw content and sanitize before use.
What to consider before installing
This skill appears to do what it says (generate GeoGebra configs, plots, quizzes and diagnose misconceptions), but several red flags mean you should not install it into a production or privileged environment without review: - Review the code before running. Several modules (plot_interactive.py and others) use Python's eval() on strings that originate from user input or templates; that enables arbitrary code execution if a malicious string is passed. Consider replacing eval with a safe math parser (e.g., sympy parsing + lambdify) or strict sanitization. - Run it in an isolated/sandboxed environment first (container or VM) and inspect what files it writes. hermes.config.yaml sets auto_save_visualizations and the skill uses FileWrite — ensure outputs cannot overwrite sensitive files and that saved paths are limited to a safe directory. - Fix dependency/declaration mismatches: requirements.txt does not list scipy but the plotting code imports it; SKILL.md lists OPENCLAW_SKILLS_PATH while registry metadata shows none. Ensure the runtime environment supplies the actual dependencies and declared env vars. - Inspect SKILL.md and prompt templates for hidden control characters or prompt-injection content (scanner flagged unicode-control-chars). Remove or normalize unexpected unicode controls. - If you accept the risk, run the provided tests (tests/test_skill.py) in an offline sandbox to verify behavior. If you maintain the skill, remove or guard all eval calls and validate/parse mathematical expressions safely. If you are not comfortable auditing Python code, prefer not to install this skill or request a reviewed/official release with sanitized parsing and corrected metadata.
tools/plot_interactive.py:55
Dynamic code execution detected.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk979ekr4khx4yyqkmf01113wq984gtfn
74downloads
0stars
1versions
Updated 2w ago
v1.0.0
MIT-0
math@daigxok
latest
Download

Calculus Concept Visualizer - 微积分概念可视化助手

核心能力

本 Skill 针对高等数学学习中的抽象概念理解困难,提供以下解决方案:

1. 多表征转换教学

  • 视觉表征: GeoGebra 动态交互演示
  • 代数表征: 渐进式符号形式化
  • 数值表征: 计算表格与趋势观察
  • 语言表征: 自然语言与数学语言的精确对应

2. 动态可视化生成

  • ε-δ 极限定义的双向滑块交互(你挑战ε,我寻找δ)
  • 割线→切线的演变动画(揭示导数本质)
  • 黎曼和的动态构建(理解积分思想)
  • 泰勒展开的逐步逼近(可视化误差控制)

3. 认知冲突与诊断

  • 常见误区库: 预置 20+ 种概念误解模式
  • 即时诊断: 分析学生回答识别潜在错误
  • 针对性干预: 生成反驳示例打破错误直觉

4. 支架式学习路径

直观感知 → 数值探索 → 几何理解 → 代数形式化 → 即时检测

使用方法

基础概念可视化

请帮我理解极限的ε-δ定义
请可视化导数的几何意义
请演示定积分的黎曼和构造

针对性诊断教学

我学生总是认为"极限就是代入",怎么纠正?
请针对"左右极限混淆"设计干预方案
生成一道检测学生是否理解"任意ε存在δ"逻辑的测试题

交互式探索

生成可交互的 GeoGebra 演示:拖动ε观察δ的变化
展示连续但不可导的函数例子(Weierstrass函数)
对比不同阶泰勒展开的逼近效果

技术实现

工具调用

  • generate_geogebra: 生成动态数学演示
  • plot_interactive: Python matplotlib 交互图表
  • diagnose_misconception: 认知诊断分析
  • generate_quiz: 即时检测题生成

输出格式

每个概念解释包含:

  1. 分层文本解释(配合可视化指令)
  2. GeoGebra 配置代码(可直接嵌入)
  3. Python 可视化脚本(备用静态/动态图)
  4. 交互指令(明确学生操作步骤)
  5. 3道渐进检测题(识别→应用→迁移)

适用场景

  • 课前预习: 建立直观认知基础
  • 课堂演示: 动态展示抽象概念
  • 课后复习: 针对性诊断与强化
  • 考研辅导: 深度理解命题逻辑
  • 错题分析: 定位概念理解偏差

教学原理

基于APOS理论(Action-Process-Object-Schema)设计:

  • Action: 通过交互操作体验数学过程
  • Process: 内化动态变化的心智模型
  • Object: 将过程封装为可操作的数学对象
  • Schema: 构建概念网络与关联

作者信息

版本历史

  • v1.0.0 (2026-04-08): 初始发布,支持极限、导数、积分核心概念

许可证

MIT License - 开放教育资源,欢迎教学使用与改进

Comments

Loading comments...