Skill v1.0.2

ClawScan security

celebration firework · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 20, 2026, 12:28 PM
Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary
This instruction-only skill is coherent with its stated purpose — it posts celebration content to a third‑party rendering service — but it relies on sending user-provided text to an external endpoint, so you should confirm consent/avoid PII before use.
Guidance
This skill is internally coherent: it simply builds and posts celebratory text to an external site (all.chayinzi.biz) and returns a shareable link. Before installing or enabling it, consider the following: (1) the skill will transmit whatever text the agent assembles to a third‑party domain — do not allow it to include real names, project secrets, or other personal data unless you explicitly consent and trust that service; (2) the SKILL.md requires the agent to show the generated content and obtain explicit user consent before sending personalized content — verify your agent actually enforces that step; (3) the service domain appears to be a third‑party endpoint with no bundled privacy/legal docs in the package — review that service's privacy policy or avoid sending anything sensitive; (4) test the skill using only generic placeholder content first to confirm behavior. If you need to avoid external transmission entirely, ask for a self‑hosted or local-only rendering alternative.

Review Dimensions

Purpose & Capability
ok: The skill's name and description promise a digital 'firework' / celebration presentation. All included files and the SKILL.md consistently describe creating a celebration page on an external service (all.chayinzi.biz). There are no unrelated binaries, installs, or credentials requested, so the declared requirements match the stated purpose.
Instruction Scope
note: The runtime instructions and examples explicitly direct the agent to POST celebration content (sender_name, receiver_name, blessing, intro, explosion_texts) to https://all.chayinzi.biz/api/openclaw/create_firework_show and return a shareable URL. The SKILL.md also describes a consent/preview flow and prohibits sending sensitive personal data. This is expected for the feature, but enforcement of consent depends on the agent's implementation — the skill gives the agent broad discretion to prepare and transmit text, which could inadvertently include PII if agent behavior is not carefully constrained.
Install Mechanism
ok: No install spec and no code files are present (instruction-only). Nothing is written to disk and nothing is downloaded; low install-time risk.
Credentials
ok: The skill requests no environment variables, credentials, or config paths. The external service is contacted without any declared API key or secret, which is proportionate to the described functionality.
Persistence & Privilege
ok: The skill is not always-enabled and does not request elevated agent privileges or modify other skills. Autonomous invocation remains possible (default), but that is normal and not a red flag here since the skill's scope is limited and it requires no credentials.