Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Course TA
v2.0.0Virtual course teaching assistant for Discord. Answers student questions using RAG over course materials (slides, PDFs, notes) placed in the workspace memory...
⭐ 0· 123·0 current·0 all-time
byRongze Gao@zeron-g
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (Discord course TA using RAG over course materials) matches the actual footprint: Python scripts to talk to Canvas, sync content, convert HTML to markdown, index memory files, and read/write course config files. Required binaries (openclaw, bash, python) and required config paths (course and Canvas configs plus canvas credential JSON) are expected.
Instruction Scope
SKILL.md instructs the agent to read/write files in the skill directory, consult memory, run sync scripts, and call openclaw memory indexing. Those actions are appropriate for the TA role. Note: admin flows permit editing course files and posting announcements to Canvas (writes are gated by the Canvas client's write_mode), so you should ensure admin_users in course-ta.json are set correctly. Minor textual inconsistency: the docs sometimes reference different log path names (e.g., ta-logs vs data/logs) which should be checked but does not change scope.
Install Mechanism
No external download/install spec is present; the repository ships Python scripts and a shell setup script. This is low-risk relative to installs that fetch arbitrary binaries. The skill will expect python on PATH and will run included scripts via exec.
Credentials
The skill requests no environment variables but declares required config paths including data/credentials/canvas.json (Canvas base URL and access token). Requesting a Canvas credential file is proportional to a Canvas-integrated TA. There are no unrelated credentials requested.
Persistence & Privilege
always:false (not force-included). The skill writes only to its own config and course directories and invokes openclaw memory indexing; it does not modify other skills or global agent settings. Autonomous invocation is allowed by platform default but is not combined with an 'always' flag or unrelated credential access.
Assessment
This skill looks coherent for a Canvas-connected Discord TA. Things you should check before installing: (1) Inspect data/credentials/canvas.json and only provide a token with minimal scope (avoid an admin/root token) — prefer a token scoped to the course(s) needed. (2) Set course-ta.json admin_users carefully so only professors/TAs can perform edits or post announcements. (3) Keep write_mode configured to 'confirm' or 'deny' if you want to avoid accidental writes; review how the agent environment handles interactive prompts (non-interactive runs may skip confirmation). (4) Review and run the included scripts in a safe/test environment first (they operate on your filesystem and will write memory/index files). (5) If you need stronger guarantees, audit the canvas credential usage (paths.py) and verify there are no outbound endpoints beyond your Canvas instance. Overall the skill appears to do what it says, but treat Canvas credentials and admin-user settings as sensitive.Like a lobster shell, security has layers — review code before you run it.
canvasvk971rjtb5er4cyzpq3hs820pwn843vx3discordvk971rjtb5er4cyzpq3hs820pwn843vx3educationvk971rjtb5er4cyzpq3hs820pwn843vx3latestvk971rjtb5er4cyzpq3hs820pwn843vx3ragvk971rjtb5er4cyzpq3hs820pwn843vx3
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🎓 Clawdis
Binsopenclaw, bash
Any binpython3, python
Configconfig/course-ta.json, config/canvas-config.json, data/credentials/canvas.json