Mistake Assistant (错题小助手)
Pass. Audited by VirusTotal on May 7, 2026.
Overview
Type: OpenClaw Skill
Name: mistake-assistant
Version: 1.0.0

The 'mistake-assistant' skill is a legitimate educational tool designed to help users track and review academic mistakes using the Ebbinghaus forgetting curve. The provided Python scripts (add_mistake.py, export.py, review_today.py, and stats.py) implement standard file-based CRUD operations and data aggregation within the local workspace. There is no evidence of data exfiltration, malicious command execution, or harmful prompt injection instructions.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malformed or adversarial topic value could cause the assistant to create or overwrite JSON files outside the expected mistake database area.
The user-provided knowledge-point field is used directly as a filename without sanitizing path separators, absolute paths, or traversal sequences, so a crafted topic could write outside the intended mistake-data subject folder.
```python
topic: str = None
...
subject_file = DATA_DIR / code / f"{topic or 'general'}.json"
...
save_json(subject_file, subject_data)
```

Convert topics to safe slugs, reject absolute paths and '..', resolve the final path, and enforce that all writes remain under the intended mistake-data directory.
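The following is an added example, not the skill's own add_mistake.py, showing the quoted construction beside a hardened version that applies the steps above in order: reject path characters, slugify, resolve, and confirm the result is still under the data directory. It assumes the layout `DATA_DIR / <subject code> / <topic>.json` from the snippet; the subject-code alphabet, the function names, `DATA_DIR`, and the sample topics are assumptions.

```python
"""Hardened topic-to-path mapping for a mistake-data style layout.

Added example; not the skill's code. DATA_DIR, the subject-code format and
the helper names are assumptions made for illustration.
"""
import re
import unicodedata
from pathlib import Path
from typing import Optional

DATA_DIR = Path("mistake-data")                      # assumed data root
SUBJECT_CODE_RE = re.compile(r"^[a-z0-9_]{1,32}$")  # assumed subject-code alphabet
MAX_SLUG_LEN = 64


class UnsafeTopicError(ValueError):
    """Raised when a topic or subject code cannot be mapped to a safe file name."""


def vulnerable_subject_file(data_dir: Path, code: str, topic: Optional[str] = None) -> Path:
    """The construction quoted in the finding: topic goes straight into the path."""
    return data_dir / code / f"{topic or 'general'}.json"


def slugify_topic(topic: Optional[str] = None) -> str:
    """Reduce a free-form topic to a file-name slug.

    Unicode letters and digits are kept (str.isalnum() is true for CJK
    characters, which this skill's users will type); everything else
    collapses to a single '-'. An empty result maps to 'general', mirroring
    the original default.
    """
    if topic is None:
        return "general"
    text = unicodedata.normalize("NFKC", str(topic))
    chars = [ch.lower() if ch.isalnum() else "-" for ch in text]
    slug = re.sub(r"-+", "-", "".join(chars)).strip("-")
    return slug[:MAX_SLUG_LEN] or "general"


def resolve_subject_file(data_dir: Path, code: str, topic: Optional[str] = None) -> Path:
    """Map (code, topic) to a JSON path guaranteed to sit under data_dir.

    1. reject subject codes outside the assumed alphabet;
    2. reject topics carrying separators, '..' or NUL before slugging, so the
       caller sees the attempt instead of silently getting a renamed file;
    3. slugify what remains;
    4. resolve the final path and verify it is still inside data_dir.
    """
    if not SUBJECT_CODE_RE.fullmatch(code or ""):
        raise UnsafeTopicError(f"bad subject code: {code!r}")
    if topic is not None:
        raw = str(topic)
        if "/" in raw or "\\" in raw or ".." in raw or "\x00" in raw:
            raise UnsafeTopicError(f"topic contains path characters: {raw!r}")
    root = data_dir.resolve()
    candidate = (root / code / f"{slugify_topic(topic)}.json").resolve()
    try:
        candidate.relative_to(root)  # raises ValueError if candidate escaped root
    except ValueError:
        raise UnsafeTopicError(f"resolved outside data dir: {candidate}") from None
    return candidate


def is_safe_topic(code: str, topic: Optional[str] = None, data_dir: Path = DATA_DIR) -> bool:
    """True if (code, topic) maps to a file under data_dir, False if it is rejected."""
    try:
        resolve_subject_file(data_dir, code, topic)
        return True
    except UnsafeTopicError:
        return False


if __name__ == "__main__":
    # Constructed inputs: a normal topic, a CJK topic, and a traversal attempt.
    for t in ["Linear Equations", "二次函数", "../../etc/passwd"]:
        print(t, "->", vulnerable_subject_file(DATA_DIR, "math", t), "|", is_safe_topic("math", t))
```

The raw-character check and the post-resolve containment check overlap on purpose: the first gives a clear error for obvious abuse, the second catches anything the slug step did not anticipate (symlinked subject folders, unusual Unicode that normalises to a separator).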
A malicious or accidental script embedded in a copied question, answer, or OCR text could run in the browser when the exported HTML file is viewed.
Stored mistake fields are inserted directly into generated HTML without escaping or sanitization. If a mistake record contains HTML or JavaScript, that code can execute when the exported HTML is opened.
```html
<div class="question">{m.get('question', '')}</div>
...
<span class="wrong">{m.get('wrong_answer', '')}</span>
...
<span class="correct">{m.get('correct_answer', '')}</span>
```

Escape all user-controlled fields with html.escape or a safe template engine before generating HTML, and consider adding a restrictive Content Security Policy for exports.
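As an added example (not the skill's export.py), the snippet below renders the same three fields first the way the finding quotes them and then escaped, and wraps the escaped rows in a document carrying a meta Content-Security-Policy. The record keys are the ones quoted above; the sample records, the page title, the CSS and the exact policy string are assumptions.

```python
"""Safe HTML export for stored mistake records.

Added example; not the skill's export.py. The record keys are the ones the
finding quotes; SAMPLE_MISTAKES, CSP and the styling are assumptions.
"""
import html
from typing import Iterable, Mapping

# Constructed sample records. The second carries markup in every field,
# which is what a pasted or OCR'd string could contain.
SAMPLE_MISTAKES = [
    {"question": "2 + 2 = ?", "wrong_answer": "5", "correct_answer": "4"},
    {
        "question": "<img src=x onerror=alert(document.cookie)>",
        "wrong_answer": "</span><script>alert('wrong')</script>",
        "correct_answer": "\"><a href=javascript:alert(1)>x</a>",
    },
]

# Scripts, frames and remote loads are blocked; only the inline <style> below is allowed.
CSP = "default-src 'none'; style-src 'unsafe-inline'"


def render_mistake_vulnerable(m: Mapping[str, str]) -> str:
    """The pattern quoted in the finding: fields interpolated verbatim."""
    return (
        f'<div class="question">{m.get("question", "")}</div>'
        f'<span class="wrong">{m.get("wrong_answer", "")}</span>'
        f'<span class="correct">{m.get("correct_answer", "")}</span>'
    )


def _field(m: Mapping[str, str], key: str) -> str:
    # html.escape with quote=True (the default) also rewrites " and ', so the
    # same helper is safe inside attribute values as well as element text.
    return html.escape(str(m.get(key, "")))


def render_mistake_safe(m: Mapping[str, str]) -> str:
    """Same layout, every user-controlled field escaped."""
    return (
        f'<div class="question">{_field(m, "question")}</div>'
        f'<span class="wrong">{_field(m, "wrong_answer")}</span>'
        f'<span class="correct">{_field(m, "correct_answer")}</span>'
    )


def export_html(mistakes: Iterable[Mapping[str, str]], title: str = "Mistake review") -> str:
    """Build a complete export document from escaped rows plus a CSP meta tag."""
    rows = "\n".join(render_mistake_safe(m) for m in mistakes)
    return (
        "<!doctype html>\n<html><head>\n"
        '<meta charset="utf-8">\n'
        f'<meta http-equiv="Content-Security-Policy" content="{CSP}">\n'
        f"<title>{html.escape(title)}</title>\n"
        "<style>.wrong{color:#b00}.correct{color:#070}</style>\n"
        "</head><body>\n"
        f"{rows}\n</body></html>\n"
    )


if __name__ == "__main__":
    print("vulnerable:", render_mistake_vulnerable(SAMPLE_MISTAKES[1]))
    print("safe:      ", render_mistake_safe(SAMPLE_MISTAKES[1]))
```

Escaping is the fix; the CSP is a second layer for the case where a field is later added without going through `_field`. A meta-tag policy is honoured by browsers for script-src and default-src, which is what matters for a file opened locally, but it cannot express frame-ancestors or reporting directives.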
OCR-related features may fail or require extra local software that is not declared during installation.
SKILL.md references an OCR helper and Tesseract dependency, but the manifest does not include ocr_image.py and metadata declares no required binaries. This is an incomplete capability/dependency declaration.
`ocr_image.py` - image OCR recognition (requires Tesseract)
Either include and review the OCR helper with clear dependency declarations, or remove/mark the OCR feature as unsupported.
Mistake records may persist across sessions and could be synced or backed up depending on the user’s workspace setup.
The skill persistently stores user study records and may rely on workspace/cloud-drive synchronization. This is disclosed and aligned with the product purpose, but the data can include personal learning history.
All mistake data is stored in the `mistake-data/` directory of the user's workspace:
- supports cross-device synchronization (via a cloud drive)
- JSON format, easy to back up and migrate
Store only intended study content, avoid adding sensitive personal information, and review cloud-sync or sharing settings for the mistake-data directory.
