Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Chinese Toolkit (中文工具包)

v1.0.1

A comprehensive toolkit that provides Chinese text processing, translation, OCR, speech recognition and related functions for OpenClaw. Supports Chinese word segmentation, pinyin conversion, Chinese-English translation, keyword extraction, text analysis and more.

1 · 1k · 8 current · 10 all-time

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description and the Python modules (jieba, pypinyin, OCR, ffmpeg, requests, etc.) align with a Chinese text/voice/OCR toolkit. However documentation and release guides repeatedly reference Node/npm packaging (package.json, index.js/main.js, npm installs) and a different GitHub repo (utopia013-droid/luxyoo) which do not match the Python-centric codebase present. This mismatch between packaging targets (Python vs Node) is an incoherence in the bundle.
Instruction Scope
SKILL.md focuses on expected functionality (segment, translate, ocr, speech). It also instructs installing Python and system binaries and setting translation provider env vars (BAIDU/TENCENT), which is reasonable. But the docs also include full release/publish instructions (git push, npx clawhub publish, one-click release scripts) and commands that would push tags or upload releases if executed — these are outside run-time text-processing scope and elevate risk if users run the provided scripts without review.
Install Mechanism
There is no platform install spec (instruction-only), which is lower risk. The repository includes install.sh and scripts/install_deps.sh, but no automatic downloader or remote extract URL was found in the provided content. The install approach appears to rely on standard package installation (pip, apt/brew) and manual invocation of included scripts.
Credentials
The manifest declares no required env vars, yet the code and SKILL.md reference provider credentials and environment variables (BAIDU_TRANSLATE_APP_ID/KEY, TENCENT_CLOUD_SECRET_ID/KEY, and examples of exporting API credentials). The skill expects external API keys to enable translation/speech features but fails to declare them in the skill metadata; that mismatch is a red flag because the agent or user may not be warned that secrets are needed or used. Additionally, release/publishing docs instruct use of GitHub tokens for clawhub/npm operations — these are sensitive and unrelated to runtime text processing.
Persistence & Privilege
The skill does not request always:true and does not declare elevated platform privileges. Autonomous invocation (disable-model-invocation=false) is the platform default and present here, which is normal. The package contains scripts that, if run manually, perform Git operations and publishing; but nothing in the skill forces persistent system-wide changes by itself.
What to consider before installing
This repository appears to implement a Python-based Chinese NLP toolkit (jieba, pypinyin, OCR, translate via requests) and contains many helpful docs and scripts. Before installing or running anything, please:

1) Review the included install scripts (install.sh, scripts/*.sh, and PowerShell release scripts) — they contain git/publish commands that could push tags or publish code if executed.
2) Treat API credentials as sensitive: the code reads BAIDU/TENCENT/ALIYUN environment variables but the skill metadata did not declare them — do not paste secrets into your environment without understanding where they will be sent.
3) Note the documentation inconsistencies (Node/npm packaging and an unrelated GitHub repo name) — these could be copy-paste leftovers; verify repository origin and maintainer identity before trusting release automation.
4) If you only need runtime features, prefer inspecting and running the toolkit Python modules locally in an isolated environment (virtualenv) and avoid running release/publishing scripts.

If you want this skill enabled for autonomous agents, consider asking the maintainer to update metadata to list required env vars and to remove or clearly label publish scripts so automated or inexperienced users are not misled.

Like a lobster shell, security has layers — review code before you run it.

Tags: chinese, latest, nlp

Runtime requirements

🇨🇳 Clawdis
Bins: python3, pip
