Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

meeting-minutes-retriever

v1.0.0

Read meeting minutes or notes from a local file path or URL, or inspect a local meeting-notes directory and report the file count plus file list. Use when th...

by 曹广雨 @xiaocaijic
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
The name/description ask for reading local files, directories, or URLs and listing meeting-note files; the included scripts implement exactly that. Required binaries, env vars, and config paths are none, which aligns with the stated functionality.
Instruction Scope
SKILL.md restricts behavior to reading files/URLs or listing directories and requires user-supplied locations. The runtime scripts follow that scope (reading files with multiple encodings, fetching URLs with requests, listing .md/.txt files). Note: the directory lister uses OS-native commands (find on Unix, PowerShell on Windows) invoked via subprocess; on Windows the PowerShell script embeds the provided path in a script string without escaping single quotes, which could be fragile or lead to mis-parsing for specially crafted paths. Also the reader will fetch arbitrary URLs (requests.get) which can leak metadata or contact external servers if the agent environment allows network access — this is expected for URL fetches but worth being aware of.
Install Mechanism
No install spec (instruction-only with included scripts). No downloads or external installers. Code files are included directly in the skill bundle, so nothing is fetched or executed at install time.
Credentials
The skill requests no environment variables or credentials. It does use the network (requests) to fetch URLs and accesses the local filesystem, both of which are consistent with its purpose and do not require additional secrets.
Persistence & Privilege
always is false and the skill does not request persistent/system-wide privileges or modify other skills. It reads only user-provided paths/URLs and lists directory contents; it does not write configuration or attempt to persist beyond its own execution.
Assessment
This skill appears to do what it says: read meeting files or list meeting-note files. Before installing, consider the following: (1) The skill will read any local file path you provide and will fetch any URL you provide — only give it paths/links you trust. (2) The directory lister uses OS commands via subprocess; on Windows the PowerShell command embeds the path without escaping single quotes which could be fragile or potentially abused if untrusted paths are supplied. (3) Run the skill in a restricted/sandboxed environment if possible (limited filesystem access, limited network egress) and review the scripts if you need higher assurance. If you want a safer fix, replace shell-based listing with purely Python directory enumeration or ensure the path is properly escaped/validated before calling PowerShell.
