Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Glin Profanity MCP
v1.0.0
MCP server providing profanity detection tools for AI assistants. Use when reviewing batches of user content, auditing comments for moderation reports, analyzing text for profanity before publishing, or when AI needs content moderation capabilities during workflows.
⭐ 0 · 2k · 1 current · 2 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description and the listed tools (profanity detection, censoring, batch operations, context analysis) are coherent with a moderation MCP server. However, the SKILL.md's installation instructions require running 'npx' to fetch the npm package, yet the skill metadata lists no required binaries — that's an omission. Also, features under 'User Tracking' (track_user_message, get_user_profile, get_high_risk_users) imply persistent storage or identifiers; the skill declares no config paths, storage backends, or credentials, which is inconsistent with those capabilities.
Instruction Scope
SKILL.md instructs the agent to add an MCP entry that runs 'npx -y glin-profanity-mcp'. That will cause the agent environment to fetch and execute remote npm package code at runtime. The instructions do not specify where tracked user data is stored, what identifiers are required, retention policies, or where telemetry/requests are sent — the tracking utilities broaden scope without operational detail. There are no instructions that read arbitrary local files, but the guidance is vague about data flows and persistence.
Install Mechanism
There is no formal install spec in the metadata, but the provided installation steps rely on npx, which downloads and runs the package from npm at runtime. Using 'npx -y' implicitly executes remotely fetched code and accepts defaults; that elevates risk compared to a packaged, audited install. The SKILL.md cites npm and GitHub URLs for the project, which helps traceability, but npx-based execution still allows remote code to run and to change if the npm package is updated.
Credentials
The skill declares no required environment variables or credentials, which would be reasonable for a purely local tool — but the presence of user-tracking tools implies some form of storage, identifiers, or external service (DB, analytics, or remote API). The absence of declared config paths, storage endpoints, or credentials (for example, for a database) is a mismatch. There is also no privacy or data-handling guidance in the SKILL.md.
Persistence & Privilege
always is false (good). The skill runs via npx when invoked by the agent; it does not request explicit persistent platform privileges in the metadata. However, because the runtime uses npx to fetch and execute remote code and the skill provides user-tracking features, the effective blast radius is higher if the agent invokes it autonomously (default behavior). Consider limiting autonomous invocation until you audit the package.
What to consider before installing
This skill looks like a reasonable profanity-moderation tool, but exercise caution before installing. The SKILL.md instructs the agent to run 'npx -y glin-profanity-mcp', which will download and execute code from npm/GitHub at runtime — verify the npm package and repository (look at the exact package contents and history). Ask the author where user tracking data is stored, what identifiers are collected, retention/deletion policies, and whether any external endpoints are contacted. Prefer a pinned package version (not 'npx -y' which fetches the latest), run it in a sandbox first, and avoid enabling autonomous invocation until you've reviewed the source and data-handling details.
Like a lobster shell, security has layers — review code before you run it.
ai-tools · claude · content-moderation · cursor · latest · mcp
