ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

translation

v1.0.1

When the user wants to translate content, create translation workflows, manage terminology, or optimize translation quality. Also use when the user mentions...

0· 716·2 current·2 all-time
by@kostja94
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name and description match the runtime instructions: the SKILL.md is a detailed translation/localization workflow, glossary, style-guide, and quality checklist. None of the guidance requires external credentials, unusual binaries, or system-level access beyond project files, so the declared purpose is coherent with content.
!
Instruction Scope
The instructions explicitly tell the agent to look for and read local project context files (.claude/project-context.md or .cursor/project-context.md). The registry metadata lists no required config paths, so the skill asks to access files that were not declared in the skill requirements. While reading project context is reasonable for translation, undeclared file access is a scope mismatch that users should be aware of.
Install Mechanism
There is no install spec and no code files; this is instruction-only, which minimizes installation risk. Nothing will be written to disk by an install step.
Credentials
The skill declares no required environment variables, no primary credential, and no config paths. The SKILL.md does not ask for secrets or external API keys. This level of access is proportional to the stated translation/localization purpose.
Persistence & Privilege
Flags: always is false and disable-model-invocation is false (normal). The skill does not request persistent or elevated privileges. Autonomous invocation is allowed by default on the platform but is not, by itself, an additional concern here.
What to consider before installing
This skill is an instruction-only translation guide and appears to be what it claims, but it instructs the agent to read local project context files (.claude/project-context.md, .cursor/project-context.md) even though no config paths are declared. Before installing, confirm you are comfortable with the agent accessing project files in the working directory. If you want tighter control, ask the skill author to (a) declare required config paths explicitly, (b) limit file reads to a specific trusted path, or (c provide an option to refuse reading local files. Also note there is no homepage or source listed—if provenance is important, request the author/source information or a published repository for review.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fkb25yt0htt1k10qjkk61dx83xtxt

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments