Skill v1.0.0

ClawScan security

Image generation for the "slacking-off daily report", Baidu hot search and more, continuously being upgraded · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Mar 11, 2026, 12:47 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, instructions, and requirements match its stated purpose (generating two poster types and exporting images); the main things to be aware of are outbound network requests to a third‑party API and remote image fetching, plus optional native image backends that are invoked if present on the system.
Guidance
This package appears to be what it says: a JSON-driven poster generator that renders SVG and optionally converts to PNG/JPG/WEBP. Before installing or running it, consider the following:

- Network activity: the 'baidu_hot' renderer uses a third‑party API (https://v2.xxapi.cn/api/baiduhot) to fetch hot‑search data, and the daily renderer may fetch remote image URLs (and cache them under references/cache). If you need to avoid outbound requests, inspect and modify render_baidu_hot.py and render_daily_poster.py to use local data or a different API.
- Image backends: conversion to PNG/JPG/WEBP may call system binaries (ImageMagick, Inkscape, librsvg 'rsvg-convert', resvg) or use the Python resvg_py/Pillow packages. Installing those packages/binaries grants the renderer the ability to execute local subprocesses for conversion; this is expected but worth noting.
- Files written: the tool writes outputs to the path you pass and may create a cache directory (references/cache). Review the repo's references/ and cache if you are concerned about write locations.
- Third‑party trust: the skill relies on an external API (XXApi) for baidu hot data; confirm you trust that service for the data you plan to publish. If privacy matters, replace or stub the API with local data.

If you want a stricter safety posture, run the renderer in a restricted environment (no network, limited file write permissions) or review/patch the network fetch code to remove or control external calls.

Review Dimensions

Purpose & Capability
ok
Name/description (generate 'daily' and 'baidu_hot' posters, output SVG and image exports) align with included files: rendering, lunar calendar, countdown, and SVG->image conversion. Declared requirements (none) are consistent with an instruction-first repo that includes Python scripts and a requirements.txt listing resvg_py and Pillow.
Instruction Scope
note
SKILL.md instructs the agent to run local Python renderer scripts and to produce SVG/PNG/JPG/WEBP outputs. The code legitimately reads JSON specs and writes output files. However, render_baidu_hot.py makes an outbound HTTP request to a third‑party endpoint (BAIDU_API_URL = "https://v2.xxapi.cn/api/baiduhot") to fetch hot‑search data, and render_daily_poster.py contains logic to fetch remote image assets (HTTP/HTTPS) and cache them under references/cache. SKILL.md does not explicitly call out network activity; if you need offline operation or want to avoid contacting external services, review or modify those places.
Install Mechanism
ok
No automated install spec is provided (instruction-only), so nothing is downloaded or executed implicitly by an installer. The repository includes a requirements.txt (resvg_py, Pillow) which is proportional to SVG rendering and image conversion. Converters in svg_image_converter may invoke system binaries (ImageMagick 'magick', Inkscape, rsvg-convert, resvg) if present; this is expected behavior for image conversion but requires those binaries to be installed to enable some backends.
Credentials
ok
The skill does not request environment variables, credentials, or configuration paths. There are no required secrets. Network calls are unauthenticated to a public API and to arbitrary image URLs supplied in the spec; no credential exfiltration code is present.
Persistence & Privilege
ok
The skill does not request permanent/enforced presence (always: false). It writes output files and may cache fetched images under references/cache, which is normal for this tool. It does not modify other skills or system-wide agent settings.