ClawHub

Catholic Grounding

v1.0.0

Help answer questions about Catholicism accurately and respectfully (Catechism-first). Provides a structured response format, common topic map with CCC references, and short prayer/reference snippets. Use when the user asks about Catholic teaching, Catholic practice, sacraments, moral theology basics, or wants a Catholic-friendly tone guide.

1· 1.5k·1 current·1 all-time
by@trevortomesh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Catechism-first Catholic answers, citations, prayers) match the included reference files and helper scripts. The files are local pointers and snippets that a Catholic-grounding skill would legitimately contain.
!
Instruction Scope
SKILL.md instructs the agent to use local scripts and reference files only, which is appropriate. However, scripts/prayer.sh has a coding error: after running the embedded Python here-document it attempts to execute the shell line "${NAME} ${PR}" as a command. That means a user-supplied NAME could be interpreted as an executable name and the shell will try to run it (usually causing 'command not found', but if the string matches a valid executable path it would run). This is a local command-execution risk caused by a bug, not an intentional backdoor, but it should be fixed before executing the script in an untrusted environment.
Install Mechanism
No install specification; this is effectively instruction-only with small local scripts. No network downloads, no package installs, and no files written during installation by the skill metadata.
Credentials
The skill requests no environment variables, credentials, or configuration paths. The scripts only read local reference files (references/*.md), which aligns with the stated purpose.
Persistence & Privilege
The skill does not request persistent presence (always is false), does not modify other skills or system-wide settings, and does not store credentials. Autonomous invocation is allowed by default but not combined with other risky privileges.
Assessment
This skill appears to do exactly what it says: supply Catechism-based pointers, short prayers, and a tone/style guide using only local files. It does not request secrets or perform network calls. Before installing or running the scripts: (1) review and fix scripts/prayer.sh — it incorrectly invokes the shell with the user-provided NAME after the embedded Python block, which could attempt to execute a user-supplied command; (2) run the scripts in a safe environment (container or non-privileged account) until the bug is corrected; and (3) if you will expose this to other users, consider removing direct execution of user input and ensure the Python helper receives arguments safely (e.g., pass args to python3 correctly or sanitize inputs). Other than that, the package is coherent and low-risk.

Like a lobster shell, security has layers — review code before you run it.

latestvk970eedpc5vgzc48fm7v8k5rn580jgrm

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments