Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

China Summarizer

v1.0.1

Intelligent summarization tool for Chinese-language content. Use when the user wants to summarize local files (TXT/MD/PDF/Word), web pages, news articles, or WeChat public account articles. No login, no API...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description (summarize local files, webpages, WeChat articles) aligns with what the SKILL.md instructs: using curl to fetch URLs and python3-based tools to extract text from PDFs/Word. Declared required binaries (curl, python3) are appropriate for the stated purpose. The skill recommends additional extraction tools (pdftotext, pypdf, pdfminer, python-docx) as optional/fallbacks, which is reasonable for robust extraction.
Instruction Scope
Instructions explicitly tell the agent to fetch arbitrary URLs with curl and to read local file paths (cat, python scripts, pdftotext). This behavior is expected for a summarizer but means the agent will access any path/URL the user supplies. The SKILL.md does not reference any external endpoints beyond the user-supplied URLs and contains no hidden exfiltration instructions. Minor inconsistency: SKILL.md uses pdftotext and several Python libraries but those are not listed in the registry's required binaries/dependencies; the skill handles this by prompting the user to install them as needed.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk. The skill suggests installing third‑party tools if necessary, but it does not itself download or execute external archives.
Credentials
No environment variables, credentials, or config paths are requested. The skill only needs local command-line tools and Python libraries to extract text, which fits its purpose.
Persistence & Privilege
always:false and no install hooks or requests to modify agent/system configuration. The skill does instruct runtime commands that read files and fetch URLs, but it does not request persistent privileges or make permanent changes.
Assessment
This skill appears to do what it says, but keep these practical cautions in mind:
- The agent will fetch any URL you provide and read any local path you provide — do not ask it to summarize sensitive secrets, private keys, or internal-only documents you don't want processed by the model.
- The skill recommends optional tools (pdftotext, pypdf, pdfminer, python-docx). pdftotext and Python libraries may need to be installed manually; the registry only declared curl and python3 as required.
- If a page requires JavaScript rendering, curl may not get the content — the skill will ask you to paste the text instead.
- Because the skill sends extracted text into the loaded model for summarization, ensure you are comfortable with that data being processed by your agent/model. If you need the agent to handle highly sensitive documents, prefer local, offline tooling and verify runtime policies before sending such inputs to a model.

Like a lobster shell, security has layers — review code before you run it.

latest: vk974qydawcxkghxrv2f0wx2fyn83fvh2


Runtime requirements

📝 Clawdis
Bins: curl, python3
