Skill v1.0.0

ClawScan security

IceCube ZSXQ Community · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 18, 2026, 5:14 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is an instruction-only community/operations playbook for running a 知识星球 (zsxq) membership; its requirements and instructions are consistent with that purpose and it does not request unrelated credentials or install arbitrary code by itself.
Guidance
This skill is a content and operations playbook — it appears coherent and safe in structure. However, before using automation aspects you should: (1) inspect any local scripts the instructions reference (~/.openclaw/.../generate.sh) to confirm they don't run unexpected commands; (2) be prepared to log in to 知识星球/WeChat for posting and payments — avoid giving credentials to unknown third-party code; (3) check what data you store under memory/zsxq/* to avoid exposing member data; and (4) test automation in a sandbox account before enabling automatic posting or automated private-message replies.

Review Dimensions

Purpose & Capability
ok: The name and description (IceCube 知识星球社区运营) match the SKILL.md content: community positioning, content planning, membership tiers, conversion funnels, templates and automation guidance. Nothing in the file asks for unrelated cloud credentials, exotic binaries, or capabilities that don't belong to operating a paid community.
Instruction Scope
note: Instructions stay within the domain of community operations (content generation, posting, member tracking). The file references local paths (~/.openclaw/workspace/skills/icecube-diary/scripts/generate.sh) and a memory path (memory/zsxq/YYYY-MM.md) and suggests using a browser skill or API to post (requires logging in). While the skill does not itself request credentials, at runtime it expects the agent or user to have accounts/logins for 知识星球 and any posting automation — review any local scripts it points to before running and be aware that posting automation will require authenticating to external services.
Install Mechanism
ok: There is no install spec and no code files in the package (instruction-only). No downloads, archives, or external install URLs are present, which minimizes installation risk.
Credentials
ok: The skill declares no required environment variables, no primary credential, and no config paths beyond the skill's own workspace/memory paths. The references to login for posting/payment are expected for the described purpose but are not directly requested in the skill metadata.
Persistence & Privilege
ok: "always" is false and the skill is user-invocable only. It does not request to be permanently enabled or to modify other skill configs. The level of persistence and privilege requested is appropriate for a community-operation guide.