ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Grant Budget Justification

v0.1.1

Generate narrative budget justifications for NIH/NSF applications

0· 112·0 current·0 all-time
byAIpoch@aipoch-ai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The stated purpose (generate NIH/NSF budget justifications) matches the provided Python script's behavior (demo-mode generation of personnel/equipment/supplies/travel justification). There are no unexpected network, credential, or system-level requirements. However, the SKILL.md documents many CLI parameters (--input / -i, --justification-type, --format, --agency) that are not implemented in scripts/main.py, indicating a metadata/code mismatch.
!
Instruction Scope
SKILL.md describes input files and many parameters; the actual script only supports --demo, and accepts --personnel and --equipment flags but never reads JSON files — it prints a message telling the user to provide files but doesn't implement parsing. The script writes an output file path directly with open(..., 'w') without validating the path (no check for ../ traversal or workspace confinement). This mismatch and lack of input validation are scope and safety concerns.
Install Mechanism
No install spec (instruction-only plus a small Python script). Nothing is downloaded or installed; risk from install mechanism is low.
Credentials
The skill requests no environment variables, no credentials, and no config paths. That is proportionate to the stated purpose.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. Its only persistence behavior is writing an output file (default budget_justification.txt) which is expected for this functionality, though path validation is missing.
What to consider before installing
This skill appears to do what it says at a high level, but there are important inconsistencies and missing safety checks you should address before using it: - Mismatch: SKILL.md documents CLI flags (e.g., --input/-i, --format, --agency) that the shipped script does not implement; the script only provides --demo and help text for --personnel/--equipment but never actually reads those files. Expect the feature set to be incomplete or broken. - Missing input parsing: The script does not parse JSON/CSV inputs even though the skill claims to accept them. If you need real input-file processing, request the author to implement and test JSON/CSV parsing. - Path safety: The script writes the output file directly with open(args.output, 'w') and does not validate the output path. This could allow writing outside the intended workspace (e.g., using ../). Ask for checks ensuring the output file resides in a workspace-restricted directory (use absolute path checks or a sandbox) and refuse unsafe paths. - Error handling & sanitization: The script prints messages and writes files but lacks robust error handling for malformed inputs. Request improved validation, sanitized error messages, and unit tests for edge cases. - Run in a sandbox first: Until the code is corrected, run it in an isolated environment where file writes cannot overwrite sensitive system files. Recommended action: do not install/enable this skill for production use until the author updates the code to implement the declared CLI options, adds JSON/CSV parsing with validation, enforces output-path confinement to the workspace, and provides tests or updated documentation verifying the behavior.

Like a lobster shell, security has layers — review code before you run it.

latestvk9786y8f8e2zgce44xsfvar80x832yen

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments