错题小助手
ReviewAudited by ClawScan on May 10, 2026.
Overview
This is mostly a local study-data helper, but it needs review because some user-provided fields can affect file paths and exported HTML is not safely escaped.
Install only if you are comfortable with a local workspace-based mistake database. Before using it with arbitrary copied/OCR content, the maintainer should constrain file paths to mistake-data/ and escape HTML exports. Keep the mistake-data directory private if it contains personal study history.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malformed or adversarial topic value could cause the assistant to create or overwrite JSON files outside the expected mistake database area.
The user-provided knowledge-point field is used directly as a filename without sanitizing path separators, absolute paths, or traversal sequences, so a crafted topic could write outside the intended mistake-data subject folder.
topic: str = None ... subject_file = DATA_DIR / code / f"{topic or 'general'}.json" ... save_json(subject_file, subject_data)Convert topics to safe slugs, reject absolute paths and '..', resolve the final path, and enforce that all writes remain under the intended mistake-data directory.
A malicious or accidental script embedded in a copied question, answer, or OCR text could run in the browser when the exported HTML file is viewed.
Stored mistake fields are inserted directly into generated HTML without escaping or sanitization. If a mistake record contains HTML or JavaScript, that code can execute when the exported HTML is opened.
<div class="question">{m.get('question', '')}</div> ... <span class="wrong">{m.get('wrong_answer', '')}</span> ... <span class="correct">{m.get('correct_answer', '')}</span>Escape all user-controlled fields with html.escape or a safe template engine before generating HTML, and consider adding a restrictive Content Security Policy for exports.
OCR-related features may fail or require extra local software that is not declared during installation.
SKILL.md references an OCR helper and Tesseract dependency, but the manifest does not include ocr_image.py and metadata declares no required binaries. This is an incomplete capability/dependency declaration.
`ocr_image.py` - 图片OCR识别(需要Tesseract)
Either include and review the OCR helper with clear dependency declarations, or remove/mark the OCR feature as unsupported.
Mistake records may persist across sessions and could be synced or backed up depending on the user’s workspace setup.
The skill persistently stores user study records and may rely on workspace/cloud-drive synchronization. This is disclosed and aligned with the product purpose, but the data can include personal learning history.
所有错题数据存储在用户工作区的 `mistake-data/` 目录: - 支持跨设备同步(通过云盘) - JSON格式便于备份和迁移
Store only intended study content, avoid adding sensitive personal information, and review cloud-sync or sharing settings for the mistake-data directory.