Back to skill
Skillv1.0.0
ClawScan security
WeChat Article Reader · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 14, 2026, 4:26 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This instruction-only skill is internally consistent with its stated purpose (opening WeChat article pages in the built-in browser and extracting body text) and does not request unrelated credentials, installs, or filesystem access.
- Guidance
- This skill appears to do exactly what it says: open a WeChat article URL (ensuring ?scene=1 is present), extract the article text, and return it. Before using: 1) Only feed it public WeChat article URLs you trust — do not pass links to private or authenticated pages you don't want the agent to read. 2) If you rely on precise query parameters, verify the skill's URL normalization preserves other parameters correctly (the SKILL.md requires appending or rewriting to include scene=1). 3) Because it's using the agent's browser tool, extracted text will be visible to the agent — avoid exposing secrets or internal URLs. Other than those normal cautions, the skill is coherent and does not request disproportionate access.
Review Dimensions
- Purpose & Capability
- okName/description (WeChat article reader) match the instructions: the SKILL.md only uses the agent's built-in browser to open a URL, normalize it to include ?scene=1, wait for the article container, extract text, and close the tab. No unrelated binaries, env vars, or config paths are requested.
- Instruction Scope
- noteInstructions stay within the stated purpose (open URL, wait for selector, extract innerText). However, the skill will open arbitrary URLs provided by the user; that means the agent will fetch and expose whatever content is at the URL (including pages behind login or unexpected endpoints) — this is expected but worth being aware of.
- Install Mechanism
- okNo install spec and no code files — instruction-only. This minimizes disk-write/remote-install risk.
- Credentials
- okNo environment variables, credentials, or config paths are requested; the declared requirements are proportional to the simple browsing/extraction task.
- Persistence & Privilege
- okSkill is not always-included and does not request elevated or persistent privileges. It does not attempt to modify other skills or agent-wide config.