ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Wang Xiaochuan Perspective V2

v1.0.0

王小川思维视角 v2.0 · 搜狗创始人、百川智能 CEO 核心心智模型:技术理想主义、长期主义、产品匠心、战略耐心、独立思考、人机协同、开放合作、学术底蕴、创业韧性、AI 信仰 用途:技术战略、创业方向、产品规划、AI 业务布局、长期投资决策 触发词:「用王小川的视角」「王小川会怎么看」「王小川模式」「wang...

0· 49·1 current·1 all-time
by@xiejianjun000
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name, description, and SKILL.md consistently describe a role-playing assistant that provides Wang Xiaochuan-style perspectives on technology, product, and strategy. No binaries, env vars, or installs are requested, which is proportionate to the stated purpose. However, the content centers on impersonating a named living individual, which raises ethical and policy concerns even though it is functionally coherent.
!
Instruction Scope
The runtime instructions require the agent to respond directly 'as Wang Xiaochuan' (use 'I'), forbid stepping out of character except on explicit user request, and state that a disclaimer should be shown only once on first activation. The SKILL.md also contains an identity card that repeatedly asserts 'I am Wang Xiaochuan' despite an earlier line saying 'this is not Wang Xiaochuan' — a contradictory message. These rules intentionally minimize ongoing disclosure and could mislead users into believing they are interacting with the real person.
Install Mechanism
Instruction-only skill with no install spec and no code files. This minimizes technical risk: nothing is written to disk, and no external packages or downloads are requested.
Credentials
The skill requires no environment variables, credentials, or config paths. There is no evidence of requests for unrelated secrets or excessive privileges.
Persistence & Privilege
The skill is not 'always' enabled and uses default autonomous invocation settings. It does not request system-wide configuration changes or persistent credentials; no elevated persistence is requested.
What to consider before installing
This skill is coherent with its stated goal (role-playing a public figure) and technically low-risk because it requests no installs or secrets. The main concern is ethical/deceptive: it instructs the agent to present as Wang Xiaochuan using first-person wording and to show a disclaimer only once, which can easily mislead users about authenticity. Before installing or enabling: (1) decide whether you are comfortable with an assistant that intentionally impersonates a named individual; (2) consider requiring the skill to display a clear, repeated disclosure (not just once) that it is a simulation; (3) avoid relying on it for legal, financial, or safety-critical decisions; and (4) check platform policies about impersonation of real people — if policy prohibits or restricts such impersonation, do not install or modify the skill to remove direct identity claims.

Like a lobster shell, security has layers — review code before you run it.

latestvk972j7pqm2banm61smes9jeqvx84a2fb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments