Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
llm-text-correct
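v1.2.2
Automatically triggers when the user wants to **correct Chinese text errors**, **fix misspelled or wrong characters**, **correct grammar**, **adjust punctuation**, **polish Chinese sentences**, or **check for errors involving visually similar characters**. Uses pycorrector + the MacBERT specialized model for high-precision Chinese error correction, with accuracy far higher than prompting an ordinary LLM directly. Supports direct input of a passage of text, long text, or providing a text file...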
by 顶尖王牌程序员 @wangminrui2022
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description promise: high-precision Chinese text correction using pycorrector + MacBERT. Actual code mostly implements that, including Hugging Face model download and GPU refinement. However, the code also installs audio-related packages (audio-separator, pydub, librosa) and will attempt to install full PyTorch wheels (potentially GPU-specific). Those audio packages and the broad dependency footprint are not justified by the stated text-correction purpose and look like leftover/irrelevant components from another project.
Instruction Scope
SKILL.md describes correcting text or files, but the runtime script get_text_files() will recursively process files with extensions {.txt, .md, .py, .json, .html, .csv, .js, .css}. That means code and config files (e.g., .py, .json, .js) in a folder can be modified automatically without an explicit warning in the README/SKILL.md. The scripts also create/modify files under skill root (models/, logs/, venv/) and will run system commands (nvidia-smi). The implicit recursion and inclusion of code/config extensions is a scope creep / surprise behavior.
Install Mechanism
No external install spec in registry (instruction-only), but the scripts auto-create a virtualenv and call pip to install packages (via Tsinghua mirror) and use huggingface_hub.snapshot_download to fetch large models (~400MB+). Downloads come from public, known sources (PyPI mirror, download.pytorch.org, huggingface.co). This is moderate risk: legitimate but heavy (GBs), will write to disk, and will execute pip installs at runtime. No obscure or short-link URLs detected.
Credentials
The skill requests no runtime credentials or env vars, which aligns with its purpose. However, it enforces a strict Python version (3.10–3.12), auto-creates a venv at a project-level path, modifies environment by installing PyTorch (CPU/GPU wheels), and runs nvidia-smi to detect hardware — these are invasive system operations relative to a simple text-correction utility. The number and weight of packages (torch, audio libs) are higher than expected for a text-corrector.
Persistence & Privilege
always is false and the skill does not request special platform privileges. It does persist artifacts: creates a virtualenv (VENV_DIR), downloads and caches models under models/, writes logs to logs/, and may rewrite files in user-specified folders. Those filesystem writes are normal for this skill but are persistent and should be considered when installing.
What to consider before installing
This skill mostly does what it says (KenLM + MacBERT correction) but has several surprising behaviors you should consider before installing:
- It will create a virtual environment and install large packages (PyTorch, audio libs, huggingface-hub) and download large models (~400MB+). Expect GBs of downloads and long install times; do this only on machines where that is acceptable.
- If you point it at a folder, it will recursively edit many file types including .py, .json, .js and other code/config files — the README/SKILL.md doesn't clearly warn about this. Back up any folders before running and test on a small sample first.
- The scripts install unrelated audio packages (audio-separator, librosa, pydub) which are not needed for text correction; that suggests borrowed code and increases the attack surface. Consider removing or auditing those lines if you only need text correction.
- It will write a venv, models, and logs under the skill root (or nearby directories). If you prefer isolation, run the code in an isolated VM or container, or inspect/modify the scripts to change VENV_DIR/MODELS_DIR paths.
- The code uses legit external services (PyPI mirror, download.pytorch.org, huggingface.co) rather than obfuscated endpoints, but automatic network access occurs on first run. If you need to control downloads, use --model-path to provide models locally and run in an environment with no network.
Recommended actions:
1) Review scripts locally and run them on a copy of your data.
2) Run in an isolated environment (container/VM) if you are unsure.
3) Remove or modify audio-related installs and the get_text_files extension list if you want to avoid touching code files.
4) Ensure you have sufficient disk and bandwidth for model downloads.
Like a lobster shell, security has layers — review code before you run it.
latest vk97d3cbp6tmgs95tzw9zb4qf8984d2c2
Runtime requirements
Bins: python
