Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ai Intelligent Contract Review

Automated contract review: risk identification + clause analysis.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
1 · 39 · 0 current installs · 0 all-time installs
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (automated contract review, risk identification, clause analysis) align with the SKILL.md feature list. However several advertised features (automatic renewal reminders, contract archiving, generation) normally require integrations (email/calendar, persistent storage) or additional configuration that are not documented or declared.
Instruction Scope
The SKILL.md instructs cloning a GitHub repository and running app.py. Because the skill package itself contains no code, the actual runtime behavior depends entirely on external code fetched at install time. The instructions do not describe what data is collected, where contracts are stored, or what external services (email, calendar, cloud storage) will be used — this grants broad discretion to the external repo and could enable data exfiltration or unexpected network activity.
Install Mechanism
Installation is an ad-hoc git clone of a GitHub repo and running a Python app. While GitHub is a common host, the instruction uses an unpinned clone (no release tag/commit) and the skill bundle does not include the referenced code, so installing runs arbitrary external code with no integrity/pinning guarantees.
Credentials
The skill declares no required environment variables or credentials, which superficially limits secrets exposure. But advertised capabilities (notifications, archiving, generation) typically require service credentials or storage access; their absence is an unexplained gap that reduces transparency and is worth questioning.
Persistence & Privilege
The skill does not request always: true, declares no config paths, and is user-invocable. It does not declare system-wide persistence or modification of other skills. The main concern is the external code it encourages the user to run, not an elevated platform privilege flag.
Scan Findings in Context
[NO_SCAN_FINDINGS] unexpected: The regex scanner found no issues because the package contains only SKILL.md and skill.json (no code to scan). Absence of scan findings is not evidence of safety here because the SKILL.md instructs cloning and running an external repository.
What to consider before installing
This skill is instruction-only and asks you (or the agent) to git clone and run a GitHub repository that is not bundled with the skill. Before installing or running it: (1) review the actual repository contents and commit history on GitHub and prefer a pinned release/tag rather than a raw git clone; (2) inspect app.py and requirements.txt for network calls, third-party libraries, and any code that reads files or sends data externally; (3) confirm how reminders and archiving work — what services are used and what credentials will be required; (4) run the code in a sandboxed environment (container/VM) if you must test it; (5) ask the author to declare required environment variables, storage locations, and data retention/consent policies. The mismatch between the skill bundle (no code) and the SKILL.md install steps is the main red flag — treat this as untrusted until you can audit the external repo.

Like a lobster shell, security has layers — review code before you run it.

Current version: v1.0.0

Runtime requirements

🤖 Clawdis

SKILL.md

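AI Intelligent Contract Review System

Description

Automated contract review: risk identification + clause analysis.

Features

  • Risk identification (clause risk annotation)
  • Clause comparison (comparison against standard contracts)
  • Contract generation (smart fill)
  • Expiry reminders (automatic renewal reminders)
  • Contract archiving (electronic management)

Pricing

  • Basic: ¥299/month (50 contracts/month)
  • Professional: ¥1499/month (300 contracts/month)
  • Enterprise: ¥4999/month (unlimited contracts)

Use cases

  • Legal departments
  • Procurement contracts
  • Sales contracts
  • Employment contracts

Tech stack

  • Python + FastAPI
  • NLP (contract parsing)
  • Risk identification model
  • Document management

Installation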

git clone https://github.com/openclaw-skills/ai-intelligent-contract-review
cd ai-intelligent-contract-review
pip install -r requirements.txt
python app.py

Created: 2026-03-13 Author: OpenClaw Skills Team

Files

2 total