ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Shrink JSON in Prompts (TOON Encoder/Decoder)

v1.0.0

Compress, encode, and decode large JSON payloads into a compact, reversible TOON string to reduce token usage in LLM prompts and tool payloads. Use when you...

0· 70·0 current·0 all-time
bykevin Zhang@zmkkevin
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, SKILL.md, and the included Python script all point to a local JSON encoding/decoding utility; there are no declared env vars, binaries, or config paths that don't match this purpose.
Instruction Scope
Runtime instructions only ask the agent/user to run the bundled script against stdin/stdout (encode/decode/schema). The SKILL.md does not instruct reading unrelated files or sending data to external endpoints. However, the source in the prompt is truncated, so I cannot confirm there are no additional runtime behaviors later in the file.
Install Mechanism
No install spec is present (instruction-only skill with a local script). This is low risk — nothing is downloaded or written to disk by an installer.
Credentials
The skill declares no required credentials, environment variables, or config paths. The visible code uses only standard libraries (json, base64, hashlib, re, sys) consistent with its purpose.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request permanent presence or elevated agent privileges in the provided metadata.
What to consider before installing
This skill appears coherent and limited to local JSON encoding/decoding, but the source listing you provided is truncated — I could not review the entire file. Before installing or running it, review the complete scripts/toon_json.py to confirm there are no network calls, subprocess exec/os operations, or hidden telemetry. If you cannot inspect the full file, run it in a sandbox or isolated environment and/or open the file to verify it only parses and transforms data (no requests, no subprocess.exec, no os.system, etc.). Also consider whether you will push sensitive data through this tool and test with non-sensitive samples first.

Like a lobster shell, security has layers — review code before you run it.

latestvk9733fc8cfjnvw83hkxhczyyvh83jnqx

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments