Skill v1.0.0

ClawScan security

RSSHub Route Generator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Apr 10, 2026, 8:05 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requested actions (fetch pages, detect selectors, generate TypeScript route files) match its description and it doesn't ask for unrelated credentials or installs; behavior is coherent for a route-generator tool.
Guidance
This skill appears coherent for generating RSSHub routes, but review outputs before using them. Be cautious when providing URLs: the agent will fetch whatever URL you supply, so avoid pasting internal/private endpoints or URLs that could trigger server-side requests to your intranet (SSRF risk). Inspect the generated TypeScript before deploying to your RSSHub instance (check any HTTP client usage, concurrency, and error handling). If you need stricter safety, run the skill in a sandboxed environment or limit it to public URLs only.

Review Dimensions

Purpose & Capability
ok: The name/description (generate RSSHub routes from websites) align with the instructions: fetching HTML, detecting list/title/date/content selectors, producing TypeScript route files and an analysis report. Referenced libraries (cheerio, got, parseDate, pMap, ofetch) are reasonable for the stated task and appear only as implementation guidance/templates.
Instruction Scope
note: Instructions explicitly tell the agent to fetch arbitrary user-provided websites (via web_fetch/got), analyze DOM structure, and write generated .ts files to the working directory — this is expected for a route generator. Note: because it fetches arbitrary URLs, the agent could be instructed to access internal or sensitive endpoints if a user submits them (SSRF risk); the SKILL.md does not ask to read any unrelated local files or credentials.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files — nothing is downloaded or written at install time. This is the lowest-risk model for installation.
Credentials
ok: The skill declares no required environment variables, credentials, or config paths. The runtime instructions reference only request/response processing and templated imports; there is no request for unrelated secrets or tokens.
Persistence & Privilege
ok: always:false and user-invocable:true. The skill does not request persistent elevated privileges or modification of other skills or system settings. It does instruct writing generated files to the working directory, which is consistent with its purpose.