ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenClaw Chinese Laoshi Ops

v1.0.0

Use when extracting Chinese lesson videos into raw transcripts, lesson JSON, learner docs, and Drive exports while enforcing pilot-first and prepublish leak...

0· 35·0 current·0 all-time
byZakhar Pashkin@zack-dev-cm
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the contents: this is an ops playbook for extracting/transcribing Chinese lessons and producing JSON/Markdown/Drive exports. Required binaries (python3, node) are consistent with the script commands listed. One discrepancy: the skill repeatedly references Drive exports and syncing to Drive, but the registry metadata declares no Drive or cloud credentials — it’s reasonable for Drive interaction to require additional credentials or auth, so the absence of any declared env vars or primary credential is a notable omission (could be benign if the repo scripts rely on pre-existing system auth, but it should be explicit).
!
Instruction Scope
SKILL.md instructs the agent to run repo-local scripts (transcribe, process drops, build artifacts, run publication gate). Those commands are expected, but the doc also says 'If the repo-local scripts are absent, keep the same stages anyway' — this is vague and grants the agent broad discretion to perform unspecified extraction, grounding, or external calls. The instructions don't enumerate what network endpoints or auth the agent may use when scripts are missing, which increases the risk that an agent could attempt arbitrary external operations or leak data while implementing the stages.
Install Mechanism
This is an instruction-only skill with no install spec and no code files beyond documentation. That minimizes install-time risk (nothing is downloaded or written by an installer).
Credentials
The skill requests no environment variables or credentials despite calling out Drive sync and export commands. Syncing to Drive (or other operator-controlled stores) normally requires credentials or an authenticated runtime environment; the absence of declared credential requirements is an inconsistency worth verifying. There are no suspiciously broad credential requests in the metadata, which is good, but you should inspect the repo scripts to see what they actually access or require.
Persistence & Privilege
always is false, the skill is user-invocable only, and it does not request persistent platform privileges or modify other skills' configs. Autonomous invocation is allowed (default) but not by itself a red flag; nothing here increases persistence or system-wide privilege.
What to consider before installing
This skill appears to be an operational playbook for a repo that transcribes and builds Chinese lessons. Before installing or running it: (1) Inspect the actual scripts referenced (scripts/*.py, scripts/*.mjs, bash scripts) to see if they perform network calls or require Drive/Google credentials. (2) Verify that python3/node are the only runtime dependencies and that no installer is fetched at runtime. (3) Confirm what authentication those scripts expect (OAuth client, service account key, gcloud auth) and never paste credentials into a skill prompt — prefer using existing safe system auth or a sandbox. (4) Pay attention to check_publication_bundle.py — run it yourself and confirm it effectively detects local absolute paths, secret-like strings, and Drive IDs before publishing. (5) Be cautious about the SKILL.md fallback that tells an agent to implement stages if scripts are missing; avoid giving the agent open-ended permission to call external services or read system-wide files. If you are not comfortable inspecting the scripts yourself, run the workflow in an isolated environment or decline to enable autonomous invocation until you can audit the code.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Binspython3, node
chinesevk9749dfnz5wpnj15rsdr209fkh85bckwdrivevk9749dfnz5wpnj15rsdr209fkh85bckwlanguage-learningvk9749dfnz5wpnj15rsdr209fkh85bckwlatestvk9749dfnz5wpnj15rsdr209fkh85bckw
35downloads
0stars
1versions
Updated 16h ago
v1.0.0
MIT-0
Zakhar Pashkin@zack-dev-cm
chinesedrivelanguage-learninglatest
Download

OpenClaw Chinese Laoshi Ops

Use this skill when working in the OpenClaw Chinese Laoshi repo or another repo that exposes the same lesson schema, pipeline stages, and publication gate.

Use This Skill When

  • the task is to extract text from long-form Chinese lesson videos or subtitle drops
  • the user wants lesson summaries, conspects, vocabulary, grammar, drills, or tests
  • the user wants Markdown and JSON lesson assets exported to Drive
  • the user wants to package or publish the workflow without leaking local paths, known Drive IDs, or secret-shaped text

Quick Start

  1. Validate the repo state before editing content.
    • node scripts/check-lessons.mjs
    • python3 scripts/check_raw_transcripts.py
  2. Move only one lesson at a time beyond scaffold state.
    • Transcript drop lane: python3 scripts/process_transcript_drop.py --lesson 1 --input /absolute/path/to/lesson-01.srt
    • Whisper lane: python3 scripts/transcribe_lesson_with_whisper.py --lesson 1 --smotrim-video-id <video_id>
  3. Build learner-facing artifacts only after extraction exists.
    • python3 scripts/build_lesson_from_transcript.py --lesson 1
    • bash scripts/refresh_artifacts.sh
  4. Run the public release gate before any publish step.
    • python3 scripts/check_publication_bundle.py

If the repo-local scripts are absent, keep the same stages anyway: extract, ground, review, render, export, publish. Do not skip directly from video to polished lesson prose.

Core Rules

  • Raw lesson media stays in Drive or another operator-controlled store.
  • Lesson 01 is the pilot gate. Do not scale real content to lessons 02-16 until lesson 01 is approved.
  • Keep uncertainty visible. Missing Hanzi, pinyin, or translation should be marked, not guessed.
  • The tutor is Petrov-inspired, not Petrov impersonation.
  • Treat all public publication surfaces as hostile to private details. ClawHub and GitHub publication should assume anyone can read SKILL.md.

Workflow

1. Extract

  • Prefer a transcript or subtitle drop when available.
  • If the source is video-only, transcribe into the raw transcript layer first.
  • Keep timestamps, speaker-role placeholders, and uncertainty notes.

2. Ground

  • Convert raw transcript segments into the lesson schema.
  • Add summaries, conspects, vocabulary, grammar, pronunciation, drills, and tests only when the source supports them.
  • Keep source traceability visible.

3. Review

  • Check lesson quality against the pilot-first and editorial gates.
  • Reject unsupported content, weak answer keys, and synthetic filler.
  • Treat speaker labeling, Hanzi, pinyin, and translation drift as correctness problems, not style nits.

4. Render And Export

  • Rebuild learner-facing Markdown after lesson JSON changes.
  • Sync JSON and Markdown exports to Drive only after the repo copy passes checks.
  • Keep exports small; raw media should not enter the repo or the public skill.

5. Publish

  • The public bundle must pass the release gate before GitHub or ClawHub.
  • The gate should fail closed on placeholders, local absolute paths, localhost URLs, websocket/debug endpoints, secret-like strings, and known lesson file IDs.

Do Not

  • Do not guess missing Chinese text or smooth weak source material into fake fluency.
  • Do not move lessons 02-16 past scaffold state before the lesson 01 pilot clears.
  • Do not publish local paths, private emails, mounted Drive paths, or browser session details.
  • Do not let the public skill and the bundled plugin copy drift apart.

References

  • references/pipeline.md
    • current lesson pipeline, state transitions, and repo command surfaces
  • references/release-gates.md
    • public publication checklist and leak/slop/bleed blockers

Comments

Loading comments...