Skill v0.1.4
ClawScan security
Software Copyright Cn · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 6, 2026, 2:43 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's files and instructions are consistent with its stated purpose (collect info, read local source code, and generate PDF materials for Chinese software copyright registration); it requests no external credentials and contains local PDF-generation scripts, but it will read user files and collect personal contact data — review before use.
- Guidance: Before installing or running this skill:
  - (1) Review the two included Python scripts yourself. They appear to only read local files and generate PDFs, but verify there's no network I/O (search for 'requests', 'urllib', 'socket', 'http', 'ftp', 'sockets', etc.).
  - (2) Run in a controlled environment (virtualenv or sandbox) and install only the required Python packages (reportlab, pygments).
  - (3) Be mindful that the skill will ask for personal/contact information and will scan your repository to read source files; only allow it to access the minimal directories needed.
  - (4) If you prefer, run the provided scripts manually from your terminal with explicit paths rather than granting an autonomous agent broad repository access.
  - (5) If you need higher assurance, paste the rest of the scripts (if truncated) or run a static grep for network/file-write operations and share the findings for a more confident assessment.
Review Dimensions
- Purpose & Capability (ok): The name/description (生成软著申请材料) align with the included scripts and README: the two Python scripts generate program-identification and document PDFs, and SKILL.md documents the required fields and workflow. Nothing in the manifest demands unrelated cloud credentials, binaries, or system-wide access.
- Instruction Scope (note): SKILL.md explicitly instructs the agent to 'explore the user's code repository to infer fields' and to collect detailed personal/contact information (name, address, phone). Reading the user's workspace and source files is necessary for the stated task, but it is a privacy-sensitive operation; the instructions reasonably constrain file selection (skip node_modules, .git, etc.) and specify output files.
- Install Mechanism (ok): No install spec is provided (instruction-only skill with embedded scripts). The scripts depend on standard Python packages (reportlab, pygments, optional pymupdf). There are no downloads from arbitrary URLs in the provided files and no install-time network fetches in the manifest.
- Credentials (ok): The skill requires no environment variables, credentials, or config paths. It will request PII from the user (required for registration) and read local files; both are proportionate to generating registration materials but are sensitive and should be provided only as needed.
- Persistence & Privilege (ok): 'always' is false; the skill does not request persistent elevated privileges or attempt to modify other skills or global agent settings. It runs local scripts and writes local output files (JSON and PDFs), which is expected behavior.
