Back to skill
Skillv1.2.0
ClawScan security
HuaHuaDailyMCP · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 23, 2026, 8:00 AM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's code, instructions, and required credential (BAIYE_AGENT_TOKEN) are consistent with its stated purpose (read fund data and send transaction request signals), though there are small deployment/URL inconsistencies and you should verify the upstream repository before running networked code.
- Guidance
- This skill appears to do what it says: query your HuahuaDaily cloud data and send transaction request signals using a PRO Agent Token. Before installing or running: 1) verify the upstream code (the README points to a GitHub repo) to ensure the server.py code matches what you expect; 2) confirm the API hostname mismatch (huahuadaily.preview... vs huahua.preview...)—ask the author or inspect the repo to ensure requests go to the official service; 3) treat BAIYE_AGENT_TOKEN like a secret: only set it for this service and don't paste it into unknown sites; 4) run the MCP server in an isolated environment if you have security concerns (it will make network requests to the service using your token); 5) remember that request_transaction only sends a request that requires confirmation in the official App—transactions are not executed directly by the skill.
Review Dimensions
- Purpose & Capability
- noteName/description match the actual behavior: the skill reads cloud-synced fund data and posts transaction request signals to the Huahua backend. It requires a single Agent Token (BAIYE_AGENT_TOKEN), which is appropriate. Note: SKILL.md/README refer to huahuadaily.preview.aliyun-zeabur.cn while server.py sets _OFFICIAL_API to https://huahua.preview.aliyun-zeabur.cn — a hostname mismatch that should be verified (could be an innocuous preview vs. alias discrepancy or a configuration error).
- Instruction Scope
- okSKILL.md instructs only network calls to the service APIs, use of BAIYE_AGENT_TOKEN, and that request_transaction only sends a request for the user to confirm in the app. The instructions do not ask the agent to read unrelated files or sweep other environment variables. They do instruct the user to place a token in an environment variable or call set_token.
- Install Mechanism
- noteThe registry entry has no formal install spec, but the package includes server.py, pyproject.toml, and README with installation instructions (uvx/git clone or python). The code depends on public packages (mcp, httpx) and references a GitHub repo for uvx installs. This is a common pattern but means running the skill will execute Python code that performs network requests — verify the referenced GitHub source before running.
- Credentials
- okOnly one required environment variable (BAIYE_AGENT_TOKEN) is declared and used as the primary credential; this aligns with the skill's need to call the backend API. No unrelated secrets or broad credential access is requested.
- Persistence & Privilege
- okalways is false; the skill does not request elevated persistence. It runs as an MCP server process and does not attempt to modify other skills or system-wide settings. Autonomous invocation by the agent is the platform default (disable-model-invocation is false) and is not by itself a red flag here.