Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

CLAUDE.md Auto Discovery

v0.1.0

Automatically discovers and loads CLAUDE.md files from the project root, supporting @include directives and reverse loading up to 40,000 characters.

Security Scan

VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description match the provided code: both Python and Node implementations search upward up to 4 levels for CLAUDE.md (and a variant with a leading space), read and combine contents, apply a 40,000-character limit, and return the text for injection. No unrelated binaries, services, or credentials are requested.
Instruction Scope
SKILL.md states the skill auto-runs on user messages and 'injects into system context' — that is consistent with a loader skill. The runtime instructions and code only read local files; they do not access env vars, network, or other system paths. Minor mismatch: SKILL.md refers to fs.readFileWithinRoot (an abstract API) while implementations use direct file reads; also SKILL.md implies generic upward traversal but code limits to 4 levels. These are implementation details and not high risk.
Install Mechanism
No install specification; this is instruction/code-only and does not download or install external packages or run remote installers.
Credentials
The skill requires no environment variables, credentials, or config paths. The actions (reading CLAUDE.md files) are proportionate to its stated goal.
Persistence & Privilege
Registry flags are normal (always:false, model invocation enabled). The SKILL.md says it will run automatically on user messages; autonomous invocation is allowed by default and not in itself a flaw, but users should be aware the skill will load repository-provided text into the agent context whenever triggered.
Assessment
This skill reads CLAUDE.md files from the repository (up to 4 parent directories), concatenates them, and injects the text into the agent's system context. It does not make network calls or request credentials. Before enabling: (1) review your repository's CLAUDE.md files for any sensitive data (secrets, tokens, private notes), because those will be included in the agent context; (2) note the skill auto-runs on user messages — enable it only for workspaces/repos you trust; (3) be aware implementations check for a file named with a leading space (' CLAUDE.md') which is unusual but harmless. If you need different traversal depth or stricter filtering of loaded content, request or inspect modifications before use.


License

MIT-0
Free to use, modify, and redistribute. No attribution required.
