ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

会议议程生成助手

v1.0.0

This skill should be used when the user provides meeting-related information (title, venue, time, agenda items, participants, etc.) and wants to generate a f...

0· 26·0 current·0 all-time
by@ywwzzsgit
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, and code align: the Python script builds a .docx and attempts PDF conversion using Word COM / LibreOffice / docx2pdf. No unrelated credentials, binaries, or network endpoints are requested. The functionality requested (creating agenda documents with Chinese fonts) matches the files provided.
Instruction Scope
SKILL.md stays within scope (collect meeting fields, produce JSON, run the script, deliver files). It instructs the agent to use the user's workspace or a temp folder and to attach the produced files. Nothing in the instructions asks the agent to read unrelated system files or secrets. Note: SKILL.md and the script disagree about PDF dependencies (SKILL.md mentions reportlab; the script uses docx2pdf and win32com/LibreOffice), which is a documentation/implementation mismatch to be aware of.
!
Install Mechanism
There is no registry install spec, but the script auto-installs Python packages at runtime using pip (subprocess.check_call with sys.executable -m pip install). This is expected for an instruction-only skill but has security implications: it will modify the Python environment where the agent runs. The packages actually checked/installed by the script are 'python-docx' and 'docx2pdf', while SKILL.md claims it will auto-install 'python-docx' and 'reportlab' — an inconsistency that suggests sloppy documentation or a change in implementation.
Credentials
The skill requests no environment variables, credentials, or config paths. The script does probe for local programs (soffice/libreoffice) and will attempt Word COM on Windows, which is proportional to PDF conversion. No network endpoints or secret exfiltration are present in the code.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. However, its runtime behavior (automatic pip installs) will persist packages into the agent's Python environment, which is effectively modifying the runtime. This is not automatically malicious but is a persistent change you should be comfortable with.
What to consider before installing
This skill appears to implement a legitimate meeting-agenda generator, but take the following precautions before installing or running it: - Review and run the script in a sandboxed environment (or a disposable virtualenv) first. The script runs pip install programmatically and may modify your Python environment. - Note the documentation/implementation mismatch: SKILL.md mentions installing 'reportlab' while the script installs/uses 'docx2pdf'. Confirm which packages you want installed and consider installing them yourself (pip install python-docx docx2pdf) in a controlled environment before letting the script auto-install. - Inspect the remainder of the script (the file was truncated in the listing). Ensure the main() entrypoint does nothing unexpected (network calls, reading unrelated files, executing arbitrary commands). - Because the script can invoke external converters (Win Word COM, LibreOffice via subprocess), running it may execute local binaries; only run where those binaries are trusted. - If you want minimal impact, run the script inside a temporary virtual environment or container so pip installs do not affect your global Python environment. If you want, I can: - show the remainder of the script's main() body if you provide it, and re-check for unexpected behavior; - suggest an easy sandbox command set to run the script safely; or - produce a fixed SKILL.md that matches the actual implementation.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cq845tdn0pgrpdcv0ky4vcx845bt7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments