ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

한국 자동차/보험 가이드

v1.0.0

자동차/보험 정보 스킬. 10개 인텐트 라우팅(Car Tax Calc~Beginner Guide), 지방세법 기반 자동차세 계산 + 보험개발원 공시 + 중고차 시세 Flash+Deep-Dive 2겹 리포트. 트리거: "자동차세", "차세금", "중고차", "자동차 보험", "보험료...

0· 499·0 current·0 all-time
by김성우@sw326
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, domain_config, playbook, and templates consistently implement Korean 자동차/보험 guidance (자동차세 계산, 중고차 시세, 보험료 참고, 사고 처리 등). Requested resources (law-search, web_search, 보험개발원 공시/data.go.kr) are appropriate for the stated tasks.
Instruction Scope
SKILL.md and playbook instruct the agent to use web_search, a law-search skill, and (optionally) the data.go.kr API. One instruction references running a local script path (bash skills/law-search/scripts/law_search.sh). That is plausible (invoking another skill) but does ask the agent to call a script path outside the single SKILL.md — verify that the referenced law-search connector is trusted and that executing that script is expected in your environment.
Install Mechanism
No install spec and no code files to execute are included; this is an instruction-only skill, which minimizes disk-write/remote-download risk.
Credentials
The skill declares no required environment variables or credentials. It documents using the data.go.kr (보험개발원) API which may require an API key if used; the skill does not request that key up-front. This is not malicious but means the agent may prompt for or expect a key at runtime if the user asks for API-backed data.
Persistence & Privilege
always is false and the skill does not request persistent privileges or modify other skills' config. It is user-invocable and allows normal autonomous invocation (platform default).
Assessment
This skill is an instruction-only Korean car/insurance advisor that relies on web searches, a separate law-search skill, and optional data.go.kr (보험개발원) data. Before installing or invoking it: 1) confirm you trust the law-search connector and any other referenced skills, because the playbook suggests running a local script path (verify that script's behavior and origin); 2) be aware the skill may prompt you for or use an API key for data.go.kr if you request official insurance-publication data — it does not declare credentials up-front; 3) avoid entering highly sensitive personal identifiers (full resident numbers, full VINs with private registration details, or other PII) unless you understand where queries are sent; and 4) remember the outputs are advisory (disclaimers present) — verify legal/financial actions with official sources if needed.

Like a lobster shell, security has layers — review code before you run it.

carvk9708hy982spnr5jmdb1xp8eyn81mj6hinsurancevk9708hy982spnr5jmdb1xp8eyn81mj6hkoreavk9708hy982spnr5jmdb1xp8eyn81mj6hkoreanvk9708hy982spnr5jmdb1xp8eyn81mj6hlatestvk9708hy982spnr5jmdb1xp8eyn81mj6h

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments