Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Codegirl Skill
v1.0.0 · Distill a codegirl into an exclusive pair programming partner. Import WeChat history, Telegram, GitHub activities, code snippets, generate Coding Memo...
by 兰酱qwq (@xmlans)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw · Verdict: Suspicious (high confidence)
Purpose & Capability
The declared purpose (distill chat/GitHub/photos into a local persona Skill) aligns with the included parsers and writer tools. It legitimately needs local file parsing, EXIF reading, and writing generated skill files. There are no requests for unrelated cloud credentials or unexpected system-level access.
Instruction Scope
SKILL.md instructs the agent to run the included Python tools on local exports and to write files under ./gfs/{slug}/, which is consistent with the stated purpose. However, there are concrete mismatches between the instructions and the actual tool implementations: (1) SKILL.md expects a CLI script for Telegram parsing (calls like `python3 ${CLAUDE_SKILL_DIR}/tools/telegram_parser.py --dir ...`), but the provided tools/telegram_parser.py only defines a TelegramParser class and has no CLI entrypoint or argparse handling; (2) wechat_parser.py's format detection can return values (e.g., 'pywxdump', 'wechatmsg_csv', 'wechatmsg_html') for which no parser is implemented in the dispatch table (the parsers dict only contains 'wechatmsg_txt', 'liuhen', 'plaintext'), so those auto-detected formats silently fall back to plaintext behavior; (3) SKILL.md and many examples assume files are written to ./gfs/, but skill_writer.py and version_manager.py default their base dir to ./exes, so generated files can land in two different locations. Following SKILL.md exactly may therefore fail outright or store data where you do not expect it.
Install Mechanism
There is no registry install spec; the repository suggests installing via git clone (README/INSTALL.md). All code is included in the package; nothing in the tools performs network calls at runtime. The only external installation step would be optional pip install -r requirements.txt (Pillow). No high-risk remote downloads or URL-extract installs are present in the package itself.
Credentials
The skill declares no required environment variables or secrets. However, SKILL.md and the runtime examples reference ${CLAUDE_SKILL_DIR} (the platform-provided skill directory) without declaring it. No credentials are requested. The scripts extract EXIF/GPS data from photos (privacy-sensitive) and write generated persona files to local disk; this is proportional to the purpose, but it is a privacy risk if you import other people's private chats or photos.
Persistence & Privilege
The skill is not marked always:true and does not request elevated or system-wide privileges. It writes files under per-skill directories (gfs/{slug}/, or ./exes/ by script default). The version manager modifies only files inside its base_dir. Autonomous invocation is permitted (platform default) but is not combined with other high-risk flags.
What to consider before installing
This skill appears to do what it says (create a local persona from exported chats, photos, and GitHub data), but several implementation mismatches and privacy concerns mean you should be cautious before running it. Specifically:
- Do not run the included scripts on sensitive third-party data without consent. Photo EXIF extraction can reveal GPS coordinates and timestamps; chat logs contain private messages. Consider stripping EXIF and redacting PII first.
- The SKILL.md examples reference ${CLAUDE_SKILL_DIR} and CLI flags; confirm the platform provides CLAUDE_SKILL_DIR and that any invoked script supports the flags used. The telegram_parser file in the package lacks a CLI wrapper — calling it as shown will fail unless you add a small CLI or wrapper.
- The wechat parser's auto-detection may claim formats that the script does not fully support; test with small sample files and inspect outputs before trusting automated merges.
- Generated files may be written to different default directories (SKILL.md expects ./gfs/, but skill_writer/version_manager default to ./exes/). Search your workspace after a run so you know where data is stored and can delete it if needed.
- Review the code before executing in your agent environment. The package does not make external network calls, but it will execute Python scripts (Bash + python3). Run them in a sandbox or with non-privileged user permissions first.
If you plan to use this skill: (1) audit and, if desired, fix the CLI/format mismatches (add a CLI entrypoint to telegram_parser or update the SKILL.md calls); (2) sanitize inputs (strip GPS and PII); (3) run a test with dummy data to confirm file locations and behavior; (4) avoid creating personas of real people without consent, since the persona can mimic identifiable individuals even if the data is stored locally.
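A pre-flight check for step (1) and for the Instruction Scope mismatches above, written as an added example for this page (it is not part of the skill and not ClawHub's scanner): it parses SKILL.md for `python3 ${CLAUDE_SKILL_DIR}/tools/<script>.py` invocations, confirms each invoked script exists and has a `__main__` entrypoint that imports argparse, and flags any tool that imports a network-capable module. The toy skill it builds in a temporary directory is constructed to reproduce the telegram_parser mismatch described in the report; the invocation regex, the list of network modules, and every file it writes are assumptions, not the package's real code.

```python
"""Pre-flight audit of an agent skill package (added example, stdlib only).

Cross-checks SKILL.md against the scripts it tells the agent to run:
  1. every script invoked via ${CLAUDE_SKILL_DIR}/tools/ exists;
  2. scripts invoked as CLIs have a module-level `if __name__ == "__main__":`
     block and import argparse (otherwise the documented flags cannot work);
  3. no tool imports a network-capable module.
Everything below, including the sample skill, is constructed for this demo.
"""
from __future__ import annotations

import ast
import os
import re
import tempfile

# Invocation form quoted in the scan report (assumed to be the only form used).
INVOKE_RE = re.compile(r"python3\s+\$\{CLAUDE_SKILL_DIR\}/tools/([\w.-]+\.py)")

# Modules whose import means the tool can reach the network (assumed list).
NETWORK_MODULES = {"socket", "urllib", "http", "requests", "httpx",
                   "ftplib", "smtplib", "aiohttp", "websocket"}


def invoked_scripts(skill_md: str) -> set[str]:
    """Names of tools/*.py scripts that SKILL.md instructs the agent to run."""
    return set(INVOKE_RE.findall(skill_md))


def has_main_guard(tree: ast.Module) -> bool:
    """True if the module body contains `if __name__ == "__main__":`."""
    for node in tree.body:
        if not (isinstance(node, ast.If) and isinstance(node.test, ast.Compare)):
            continue
        left, comps = node.test.left, node.test.comparators
        if (isinstance(left, ast.Name) and left.id == "__name__"
                and len(comps) == 1 and isinstance(comps[0], ast.Constant)
                and comps[0].value == "__main__"):
            return True
    return False


def imported_modules(tree: ast.Module) -> set[str]:
    """Top-level package names imported anywhere in the module."""
    mods: set[str] = set()
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            mods.update(alias.name.split(".")[0] for alias in node.names)
        elif isinstance(node, ast.ImportFrom) and node.module:
            mods.add(node.module.split(".")[0])
    return mods


def audit_source(name: str, source: str) -> list[str]:
    """Findings for one tool's source text; empty list means it looks consistent."""
    tree = ast.parse(source, filename=name)
    mods = imported_modules(tree)
    findings = []
    if not has_main_guard(tree):
        findings.append(f"{name}: invoked as a CLI but has no __main__ entrypoint")
    elif "argparse" not in mods:
        findings.append(f"{name}: has __main__ but no argparse; check the flags SKILL.md passes")
    net = sorted(mods & NETWORK_MODULES)
    if net:
        findings.append(f"{name}: imports network-capable modules {net}")
    return findings


def audit_skill(skill_dir: str) -> list[str]:
    """Cross-check SKILL.md in skill_dir against the scripts under tools/."""
    with open(os.path.join(skill_dir, "SKILL.md"), encoding="utf-8") as fh:
        skill_md = fh.read()
    findings = []
    for script in sorted(invoked_scripts(skill_md)):
        path = os.path.join(skill_dir, "tools", script)
        if not os.path.isfile(path):
            findings.append(f"{script}: referenced by SKILL.md but missing from tools/")
            continue
        with open(path, encoding="utf-8") as fh:
            findings.extend(audit_source(script, fh.read()))
    return findings


def build_sample_skill(root: str) -> str:
    """Write a toy skill (constructed data) reproducing the telegram_parser mismatch."""
    skill = os.path.join(root, "sample-skill")
    tools = os.path.join(skill, "tools")
    os.makedirs(tools)
    files = {
        os.path.join(skill, "SKILL.md"):
            "Run: python3 ${CLAUDE_SKILL_DIR}/tools/telegram_parser.py --dir exports/\n"
            "Then: python3 ${CLAUDE_SKILL_DIR}/tools/wechat_parser.py --file chat.txt\n",
        # Class only, no entrypoint: the documented --dir call cannot work.
        os.path.join(tools, "telegram_parser.py"):
            "import json\n\nclass TelegramParser:\n"
            "    def parse(self, path):\n        return json.load(open(path))\n",
        # Proper CLI: argparse plus a __main__ guard.
        os.path.join(tools, "wechat_parser.py"):
            "import argparse\n\ndef main():\n    p = argparse.ArgumentParser()\n"
            "    p.add_argument('--file')\n    print(p.parse_args())\n\n"
            "if __name__ == '__main__':\n    main()\n",
    }
    for path, text in files.items():
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(text)
    return skill


def demo_findings() -> list[str]:
    """Build the sample skill in a temp dir and return the audit findings."""
    with tempfile.TemporaryDirectory() as tmp:
        return audit_skill(build_sample_skill(tmp))


if __name__ == "__main__":
    for finding in demo_findings():
        print(finding)
```

Point `audit_skill` at the cloned skill directory to run it against the real package. A clean result only means each invoked script has an entrypoint and no network imports; it does not prove the flags in SKILL.md match the script's argparse definition, and it says nothing about where the tools write their output, so the dummy-data run in step (3) is still needed.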
latest: vk97f3znymq7d6jz8vkrm1r1gd184aa5w
