Skillv1.0.0

ClawScan security

AI 项目评估助手 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

SuspiciousMar 9, 2026, 8:15 PM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary: The skill mostly does what it says (calls an LLM to produce a project evaluation), but the package metadata omits the API-key requirement and the script will send your API key and prompts to an external LLM endpoint (defaulting to api.deepseek.com), which is surprising and potentially risky.
Guidance: This skill runs a local Python script that sends your project text and a Bearer API key to an LLM HTTP endpoint (default: https://api.deepseek.com). Before installing or using it: (1) Inspect the code (you already have it) and confirm you trust the API_BASE domain. (2) Do not set your production OPENAI_API_KEY unless you intend that key to be sent to the configured API_BASE; prefer creating a dedicated key for this tool or set API_BASE to your trusted provider. (3) Update or ask the publisher to include the required env vars (OPENAI_API_KEY/DEEPSEEK_API_KEY) in the skill metadata so users are not surprised. (4) If unsure about the endpoint, run the script in a sandboxed environment or monitor outbound network calls. These mismatches (undocumented required creds and an unfamiliar default API host) are why this is rated 'suspicious' rather than 'benign.'

Review Dimensions

Purpose & Capability: noteThe code and SKILL.md align with the stated purpose: they call an LLM to generate an evaluation report. However, the skill metadata declares no required environment variables or primary credential while both the README and the script expect an API key (OPENAI_API_KEY or DEEPSEEK_API_KEY). That omission is an incoherence that can mislead users about what secrets are needed.
Instruction Scope: noteSKILL.md instructs running the included script; the script only takes the idea/context and writes an output file. It does not read unrelated local files. But the script reads environment variables for API credentials and an API base URL — the SKILL.md does not explicitly warn that you'll need to provide an API key or that the key will be sent to the configured API_BASE.
Install Mechanism: okNo install spec and only a small Python script are included. There is no network installer or archive download. Risk from installation is low.
Credentials: concernThe script requires an LLM API key (OPENAI_API_KEY or DEEPSEEK_API_KEY) and will send it as a Bearer token to API_BASE. The skill metadata does not declare this required credential (primaryEnv none). Additionally, the default API_BASE is https://api.deepseek.com — an unfamiliar third-party domain. If a user sets OPENAI_API_KEY expecting requests to OpenAI, that key would be sent to deepseek.com unless API_BASE is changed, which could leak credentials to an unexpected endpoint.
Persistence & Privilege: okThe skill has no 'always' privilege and does not request persistent system-wide configuration. It does not modify other skills or system settings.