Skill v1.0.0

ClawScan security

Bilibili · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Mar 10, 2026, 7:24 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is an instruction-only assistant for designing Bilibili-native video resonance; its declared purpose matches the instructions and it requests no credentials, installs, or suspicious access.
Guidance
This skill appears internally coherent and low-risk: it is instruction-only, asks for no credentials, and stays on-topic for designing Bilibili danmu/resonance. Before installing, consider: 1) Content risks — the advice is explicitly about triggering audience reaction, which can be used manipulatively; review outputs for ethical concerns and platform policy compliance. 2) Privacy — avoid pasting private or sensitive information from real users into prompts. 3) Posting behavior — confirm that the agent or other tools will not post content to Bilibili or other platforms automatically; this skill only generates design suggestions. 4) Metadata note — skill.json lists a homepage while the top metadata said none; if provenance is important, ask the publisher for clarification. If you want extra assurance, request a sample run with non-sensitive example input to verify the behavior.

Review Dimensions

Purpose & Capability
ok
Name, description, examples, and declared capabilities all align with a creator-facing analysis/design helper for Bilibili danmu/resonance. There are no unrelated requirements (no cloud creds, no binaries) that would be out of scope for this purpose. Minor metadata inconsistency: top-level metadata listed 'Homepage: none' while skill.json includes a homepage URL (https://clawhub.ai); this is likely a small packaging oversight and not a substantive risk.
Instruction Scope
ok
SKILL.md gives a focused, stepwise runtime protocol (parse intent, identify reaction architecture, design danmu moments, recommend edits). It does not instruct the agent to read arbitrary system files, access environment variables, or transmit data to unknown endpoints. It includes guardrails to avoid fabricating cultural certainty and asks for more context when ambiguous.
Install Mechanism
ok
No install spec and no code files that would be written to disk; the skill is instruction-only. This is the lowest-risk installation model and consistent with its purpose.
Credentials
ok
The skill declares no required environment variables, no primary credential, and no config paths. The runtime instructions do not reference hidden credentials or external services, so there is no disproportionate access being requested.
Persistence & Privilege
ok
'always' is false (normal), and the skill does not request persistent or elevated presence. Model invocation is enabled (default), which is expected for an agent skill; this by itself is not a concern since there are no additional risky permissions or installed components.