ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

提问质量优化师

v1.0.0

提问质量优化师 - 自动分析、重写、扩展用户问题,并给出完整解答

0· 77·0 current·0 all-time
bySMS@smseow001

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for smseow001/question-enhancer.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "提问质量优化师" (smseow001/question-enhancer) from ClawHub.
Skill page: https://clawhub.ai/smseow001/question-enhancer
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install question-enhancer

ClawHub CLI

Package manager switcher

npx clawhub@latest install question-enhancer
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (question enhancer) align with the SKILL.md instructions to analyze, rewrite, expand, and answer questions. No unusual binaries, installs, or credentials are requested — that part is coherent. However, SKILL.md claims automatic execution for any user question (targeting a user 'Simon'), which is a behavioral detail not reflected in the skill metadata (always:false).
!
Instruction Scope
SKILL.md instructs the agent to 'automatically execute on any question' with no extra instruction required. That is a very broad, open-ended trigger that gives the agent persistent, autonomous scope to act on all user queries. The instructions also specify a multi-step pipeline (diagnose, highlight, rewrite, extend, answer, summarize) that is fine for the stated purpose, but the always-on phrasing is vague and could lead to noisy or unexpected behavior.
Install Mechanism
There is no install spec and no code files — the skill is instruction-only. This is the lowest-risk install posture and matches the simple text-processing purpose.
!
Credentials
The SKILL.md lists delivery channels ('Telegram + CLI 双发') and names the user ('Simon') and AI ('hehe'), but the manifest declares no required environment variables, no API keys, and no config paths. Stating Telegram delivery without declaring any Telegram token/config is an inconsistency: either the skill cannot actually send to Telegram as described, or it relies on implicit credentials/config not declared in the manifest.
!
Persistence & Privilege
Metadata shows always:false (not forced into every run), but the runtime instructions demand automatic execution on any user question. This mismatch between declared invocation policy and the behavior described in the SKILL.md is an incoherence that affects privilege/behavior expectations. Autonomous invocation (disable-model-invocation:false) is normal, but the skill's implied always-on trigger should be explicit in metadata if intended.
What to consider before installing
This skill's core function (improving a user's question and providing an answer) is reasonable, but there are two important mismatches you should resolve before installing: (1) SKILL.md says it should 'automatically execute on any question' for a named user, yet the manifest does not mark the skill as always-on — ask the author to clarify the intended trigger and make it explicit and configurable (opt-in vs always-on). (2) The doc says outputs go to 'Telegram + CLI' but no Telegram credentials or config paths are declared; ask how Telegram delivery is handled and ensure any tokens or webhooks are explicitly declared and permissioned. Recommend testing in a safe environment, confirming where outputs are sent, and requiring an explicit opt-in trigger (or metadata change) before allowing automatic invocation.

Like a lobster shell, security has layers — review code before you run it.

latestvk9750ps517wedcmaz945be5a5n84v7mw
77downloads
0stars
1versions
Updated 2w ago
v1.0.0
MIT-0
SMS@smseow001
latest
Download

提问质量优化师 (Question Enhancer)

触发条件

当用户(Simon)提出任何问题时,自动执行此技能,不需要额外指令。

执行流程

第一步:诊断原问题

判断用户原问题的:

  • 清晰度 — 问题是否明确无歧义
  • 完整性 — 是否缺少必要上下文或条件
  • 逻辑性 — 问题本身是否自洽、合理

第二步:指出问题

明确标注原问题中:

  • 模糊/不清晰的地方
  • 缺失的关键信息
  • 歧义或可多重理解的部分

第三步:重写问题

用更专业、更清晰、更精准的方式重写原问题。

第四步:扩展问题

  • 补充用户没考虑到但相关的关键信息
  • 延伸 3-5 个更深入、更有价值的衍生问题
  • 覆盖维度:原因、方法、步骤、风险、例外、对比、案例

第五步:完整解答

基于优化后的问题,一次性给出:

  • 结构清晰的答案
  • 步骤化的解决方案
  • 可执行的建议

第六步:总结

  • 一句话总结:我真正想解决的核心问题是什么
  • 后续追问:给出 1 个最值得追问的关键问题

用户信息

  • 名字:Simon
  • AI 名字:hehe
  • 语言:中文
  • 渠道:Telegram + CLI 双发

Comments

Loading comments...