Skillv1.0.3

ClawScan security

Hk Cn Content Matrix · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

SuspiciousMar 13, 2026, 1:40 PM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary: The skill is a coherent set of Hong Kong/Chinese social-media templates, but it advertises automated posting, scheduling, analytics and reply automation while being purely an instruction/template pack with no code, install, or declared integration/credential requirements — an inconsistency users should validate before purchase.
Guidance: This package appears to be a set of templates and prompts for Hong Kong/Chinese social media content — not an out-of-the-box automation tool. Before buying or installing: 1) Ask the publisher to explain how '自动排程发布/数据分析/评论自动回复' is implemented (where code runs, what connectors are used). 2) Do not hand over platform API keys or account credentials unless you see explicit, documented integration code and understand where your credentials will be stored and who can access them. 3) Request a demo or source for the automation components; if automation is sold as a separate service, clarify billing and data-handling policies. 4) Expect the files here to be usable as manuals/templates only; treat claims of 'automatic' features as marketing until proven otherwise.

Review Dimensions

Purpose & Capability: concernThe name/description promise both '内容模板' and '全自动运营' (AI content generation, automatic scheduling/publishing, data analysis, auto-replies). However the package is instruction-only (templates and prompts) with no install spec, no code, and no required credentials or integration instructions. If the product truly provides automation, it should include code, connectors, or explicit instructions for platform API credentials; their absence is a material mismatch.
Instruction Scope: noteSKILL.md and the provided prompt/template files strictly contain content templates, posting advice, and canned replies; they do not instruct the agent to read sensitive files, call external endpoints, or access environment variables. The materials are limited in scope and do not perform automation themselves.
Install Mechanism: okThere is no install specification and no code files that would be downloaded or executed. That reduces on-disk risk — nothing in this bundle writes or installs binaries.
Credentials: okThe skill declares no required environment variables, credentials, or config paths. Given the content-only nature, this is proportionate. However, because the marketing claims automation, real automation would require platform credentials — none are requested or documented here.
Persistence & Privilege: okThe skill is not marked always:true and requests no system-level privileges. It is user-invocable and can be autonomously invoked by the agent (the platform default), which is expected for skills — there are no elevated persistence demands in the manifest.