Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Contract Compare

v1.0.0

AI-powered tool that compares contract documents clause-by-clause, highlights differences, and generates structured diff reports with risk assessment (PRO).

by YK-Global (@billjamno58)

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for billjamno58/contract-compare.

Prompt preview (Install & Setup):
Install the skill "Contract Compare" (billjamno58/contract-compare) from ClawHub.
Skill page: https://clawhub.ai/billjamno58/contract-compare
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install contract-compare

ClawHub CLI


npx clawhub@latest install contract-compare

Security Scan

Capability signals: Crypto · Can make purchases · Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability

The name, description, and code (parsers, diff engine, Excel/reporting, billing) are coherent: extracting clauses, using AI to compare and assess risk, and exporting reports are all expected. However, the registry metadata claims "Required env vars: none" while SKILL.md and the code clearly require AI API keys (OPENAI_API_KEY or ANTHROPIC_API_KEY) and optional billing keys (SKILL_BILLING_API_KEY, SKILL_BILLING_SKILL_ID). The unknown source/homepage reduces trust but does not itself contradict purpose.

Instruction Scope

Runtime instructions (SKILL.md and main.py) ask the agent to parse user-provided files and call external AI providers (OpenAI/Anthropic) and the SkillPay billing API. The code uses only those services for its stated purpose and sanitizes filenames, but SKILL.md promises temp storage is auto-cleaned while the visible code creates /tmp/contract-compare/ and I did not find a guaranteed cleanup routine. Also the skill's "dev mode" (no SKILL_BILLING_API_KEY) gives full PRO capabilities — this is an operational/design choice that could surprise users expecting billing enforcement.

Install Mechanism

There is no automated install spec in the registry, but SKILL.md instructs pip install -r requirements.txt and installing tesseract for OCR. requirements.txt lists common published packages (openai, anthropic, pdf/office libs, pytesseract, etc.). No remote downloads from unknown hosts or archive extraction from arbitrary URLs were observed.

Credentials

The environment variables required by the code/SKILL.md (OPENAI_API_KEY or ANTHROPIC_API_KEY for AI calls, optional CLAUDE_MODEL, and SKILL_BILLING_API_KEY/SKILL_BILLING_SKILL_ID/FEISHU_USER_ID for billing/usage tracking) are appropriate for the stated features. The inconsistency is that registry metadata advertises no required env vars while SKILL.md and code require them. Additionally, the billing module is explicitly designed to operate in a dev/unlocked state if SKILL_BILLING_API_KEY is absent (balance=999.0), which effectively disables the payment guard and could be abused or cause unexpected free PRO access.

Persistence & Privilege

The skill does not request 'always: true' or other elevated platform privileges. It does not appear to modify other skills or global agent settings. It writes temporary files to /tmp/contract-compare/ and creates Excel reports there; no evidence of persisting credentials. The claim that "API Keys are user-provided, never stored" aligns with how keys are read from environment variables.

What to consider before installing

Before installing or running this skill:
  • Treat the package as untrusted code (source unknown, no homepage). Inspect the full repository locally and run in an isolated environment (container or VM) with no access to sensitive networks.
  • Expect to provide an OpenAI or Anthropic API key to use AI features; the registry metadata incorrectly claimed no env vars. Only provide keys you are willing to expose to this code.
  • Billing: the skill contacts skillpay.me for balance/charging. If SKILL_BILLING_API_KEY is absent, the tool intentionally runs in a "dev mode" that grants full PRO access (balance=999.0). Decide whether that behavior is acceptable; it can be used to bypass billing but may indicate the code was prepared for local developer testing rather than production.
  • Temporary files are written under /tmp/contract-compare/; SKILL.md states auto-clean but I did not find a robust cleanup routine. Avoid processing highly sensitive contracts until you confirm deletion behavior.
  • Recommended next steps: verify provenance of this package (who published it), run static linting, open and review the full, untruncated source for hidden network calls or obfuscated logic, and test with non-sensitive sample documents first. If unsure, run it only in a sandbox and avoid giving it production API keys or real contracts until you are comfortable with its behavior.

Like a lobster shell, security has layers — review code before you run it.

latest: vk970bc9b73gf2sdvcehd0nrjws85qgah
35 downloads
0 stars
1 version
Updated 10h ago
v1.0.0
MIT-0

Contract Smart Compare

Skill ID: contract-compare
Version: 1.0.0
Category: Document Processing


Overview

Contract Smart Compare is an AI-powered contract document comparison tool. It automatically identifies and highlights clause-level differences between two or more contract documents and generates structured diff reports.


Features

Smart Clause Extraction

  • Automatically identifies numbered clauses (Article X, Section X, etc.)
  • Supports PDF, DOCX, TXT formats
  • OCR for image scans (PRO)

Precise Difference Detection

  • Clause-by-clause comparison: Article X → Original → New
  • Three categories: New / Deleted / Modified
  • Multi-version timeline (PRO)

AI Risk Assessment (PRO)

  • Automatic legal risk level (High/Medium/Low)
  • Focus: liability, breach, payment clause changes

Key Clause Summary (PRO)

  • AI-powered core clause extraction
  • Quickly understand key changes per version

Multi-format Export

  • Markdown diff report (all tiers)
  • Excel diff list (PRO)
  • Risk summary report (PRO)

Tiered Features

Feature             | FREE      | PRO
File formats        | TXT, DOCX | TXT, DOCX, PDF, JPG, PNG
File versions       | 2 files   | 3+ files
Diff classification | Basic     | New / Deleted / Modified
Risk assessment     |           | ✅ High / Medium / Low
Key clause summary  |           | ✅
Excel export        |           | ✅
Monthly limit       | 5 uses    | Unlimited
Price               | Free      | $0.01 USDT / call

Usage

Compare Two Contracts

python -m src.main compare contract_a.pdf contract_b.pdf \
  --label-a "Version 1" --label-b "Version 2" -o diff_report.md

Multi-version Compare (PRO)

python -m src.main multi v1.pdf v2.pdf v3.pdf \
  --labels "Draft" "Revised" "Final" \
  --dates "2024-01-01" "2024-03-15" "2024-06-01" \
  --output report.md --excel

Parse Contract Text

python -m src.main parse contract.pdf --max-chars 3000

Environment Variables

Variable          | Description                                    | Required
OPENAI_API_KEY    | OpenAI API Key                                 | One of
ANTHROPIC_API_KEY | Anthropic API Key                              | One of
CLAUDE_MODEL      | Model name (default: claude-sonnet-4-20250514) | Optional

Billing (PRO calls):

Variable               | Description                    | Required
SKILL_BILLING_API_KEY  | SkillPay Builder API Key       | PRO
SKILL_BILLING_SKILL_ID | Skill slug (contract-compare)  | PRO
FEISHU_USER_ID         | User ID (auto-set by OpenClaw) | Auto

Supported File Types

Format        | FREE | PRO
TXT           | ✅   | ✅
DOCX          | ✅   | ✅
PDF           |      | ✅
JPG/PNG (OCR) |      | ✅

Tech Stack

  • PDF: PyMuPDF + pdfplumber
  • Word: python-docx
  • Encoding: chardet
  • OCR: pytesseract + Pillow
  • AI: OpenAI GPT-4o / Anthropic Claude (user-provided Key)
  • Excel: openpyxl

Security

  • Files stored in /tmp/contract-compare/ (temp directory, auto-cleaned)
  • API Keys are user-provided, never stored
  • Strict path sanitization (only alphanumeric, ., _, - allowed)
  • 10-second timeout on all HTTP requests
  • No data retained after comparison
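The two guarantees above that the scan could not confirm (the character allowlist and the auto-cleaned temp directory) are easy to get subtly wrong, so here is an added illustration of how they can be made to hold; this is example code written for this page, not the skill's own module. The names WORK_ROOT, sanitize_filename, is_inside, scratch_dir and process are assumed, and the point worth noting is that an allowlist of "alphanumeric, ., _, -" by itself still admits "." and "..".

```python
# Added illustration (not the skill's own code): the Security section's two
# claims, written so that they hold even when an exception escapes.
import os
import re
import shutil
import tempfile
from contextlib import contextmanager

WORK_ROOT = "/tmp/contract-compare"          # the directory named on the page
_ALLOWED = re.compile(r"[A-Za-z0-9._-]+")    # the stated allowlist

def sanitize_filename(name: str) -> str:
    """Return the bare filename if it is safe to create under WORK_ROOT.
    The allowlist alone admits "." and "..", so those and empty names are
    rejected explicitly, and any directory part is dropped first."""
    base = os.path.basename(name)
    if not base or base in (".", "..") or not _ALLOWED.fullmatch(base):
        raise ValueError(f"unsafe filename: {name!r}")
    return base

def is_inside(root: str, path: str) -> bool:
    """True if path resolves (symlinks included) to a location under root."""
    root = os.path.realpath(root)
    return os.path.commonpath([root, os.path.realpath(path)]) == root

@contextmanager
def scratch_dir(root: str = WORK_ROOT):
    """Per-run temp directory removed on exit, including when the with-block
    raises; this is what turns 'auto-cleaned' from a promise into a guarantee."""
    os.makedirs(root, exist_ok=True)
    path = tempfile.mkdtemp(dir=root)
    try:
        yield path
    finally:
        shutil.rmtree(path, ignore_errors=True)

def process(upload_name: str, data: bytes, root: str = WORK_ROOT) -> bool:
    """Stage one upload, then report whether it was written and cleaned up."""
    safe = sanitize_filename(upload_name)
    with scratch_dir(root) as d:
        target = os.path.join(d, safe)
        if not is_inside(root, target):      # belt-and-braces containment check
            raise ValueError("target escaped the work root")
        with open(target, "wb") as fh:
            fh.write(data)
        written = os.path.exists(target)
    return written and not os.path.exists(d)  # True only if cleanup happened
```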

Billing

  • FREE: 5 uses per month, no charge
  • PRO: $0.01 USDT per call (deducted via SkillPay at skillpay.me/contract-compare)

Billing is triggered at the start of each PRO-tier comparison call. Balance is checked before charging; if insufficient, a top-up URL is returned.

Dev Mode: When SKILL_BILLING_API_KEY is not set, the tool runs in dev mode with full access (balance=999.0, no charge).
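The check-before-charge flow and the dev-mode fallback described above are modelled in the following added example, which is written for this page and is not the skill's billing module. It places the documented behaviour (a missing SKILL_BILLING_API_KEY unlocks PRO with balance 999.0) beside a fail-closed variant that only enters dev mode on an explicit opt-in; the SkillPay balance and charge endpoints are replaced by injected callables so the code runs offline, and the function names, the CONTRACT_COMPARE_DEV_MODE variable and the https:// scheme on the top-up URL are assumptions.

```python
# Added illustration (not the skill's own code): the page's billing flow,
# as documented and in a fail-closed form. SkillPay calls are injected
# callables so this runs offline; CONTRACT_COMPARE_DEV_MODE is an assumed
# opt-in flag that the page does not define.
from dataclasses import dataclass
from typing import Callable, Mapping, Optional

PRICE_USDT = 0.01                                   # PRO price on the page
DEV_BALANCE = 999.0                                 # documented dev-mode balance
TOPUP_URL = "https://skillpay.me/contract-compare"  # scheme assumed

@dataclass
class Decision:
    allowed: bool
    charged: float
    reason: str
    topup_url: Optional[str] = None

def authorize_as_documented(env: Mapping[str, str], balance_of: Callable[[str], float],
                            charge: Callable[[str, float], None]) -> Decision:
    """The behaviour SKILL.md describes: an absent key unlocks every PRO call."""
    key = env.get("SKILL_BILLING_API_KEY")
    if not key:
        return Decision(True, 0.0, f"dev mode: balance={DEV_BALANCE}, no charge")
    if balance_of(key) < PRICE_USDT:
        return Decision(False, 0.0, "insufficient balance", TOPUP_URL)
    charge(key, PRICE_USDT)
    return Decision(True, PRICE_USDT, "charged")

def authorize_fail_closed(env: Mapping[str, str], balance_of: Callable[[str], float],
                          charge: Callable[[str, float], None]) -> Decision:
    """Hardened variant: a missing key denies the PRO call unless dev mode was
    switched on deliberately through a separate, explicit setting."""
    key = env.get("SKILL_BILLING_API_KEY")
    if not key:
        if env.get("CONTRACT_COMPARE_DEV_MODE") == "1":   # assumed opt-in flag
            return Decision(True, 0.0, "dev mode explicitly enabled")
        return Decision(False, 0.0, "billing not configured; PRO call denied")
    if balance_of(key) < PRICE_USDT:
        return Decision(False, 0.0, "insufficient balance", TOPUP_URL)
    charge(key, PRICE_USDT)
    return Decision(True, PRICE_USDT, "charged")

def fake_skillpay(initial: float):
    """Constructed in-memory stand-in for the balance and charge endpoints."""
    ledger = {"balance": initial}
    def balance_of(_key: str) -> float: return ledger["balance"]
    def charge(_key: str, amount: float) -> None: ledger["balance"] -= amount
    return ledger, balance_of, charge
```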


Installation

pip install -r requirements.txt

# OCR support (optional, for image scans):
# Ubuntu/Debian:
sudo apt-get install tesseract-ocr tesseract-ocr-chi-sim
# macOS:
brew install tesseract

Contract Smart Compare — AI-powered contract comparison for legal, procurement, and compliance teams.
