ClawHub

China Tour

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This appears to be a coherent travel-guide skill; the main things to notice are its optional backend API path and optional manual GitHub installation instructions.

This skill looks purpose-aligned for China scenic-spot guidance. Before installing, check whether you plan to use the backend API or only the local reference fallback, and prefer the registry install unless you have reviewed and trust the GitHub source.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

#
ASI07: Insecure Inter-Agent Communication
Low
What this means

Your attraction questions and lightweight travel preferences could be processed by a backend service if one is configured.

Why it was flagged

The skill discloses a backend API path for answering user questions, so user tour queries and preferences may be sent to whatever backend URL is configured.

Skill content
ChinaTour connects to a backend API for enhanced AI-powered responses
Recommendation

Use only a backend endpoint you trust, and avoid sharing sensitive personal information in tour questions.

#
ASI09: Human-Agent Trust Exploitation
Info
What this means

A user might assume the skill never uses a backend, even though the main skill documentation describes optional API-backed responses.

Why it was flagged

The README’s 'fully offline' wording is somewhat broader than the SKILL.md API-first enhancement/fallback description, which could affect user expectations about network use.

Skill content
ChinaTour is a fully offline AI-powered smart tour guide
Recommendation

Treat it as offline-capable rather than strictly offline, and verify whether your OpenClaw setup enables the backend API.

#
ASI04: Agentic Supply Chain Vulnerabilities
Info
What this means

Installing manually from GitHub means you rely on that repository’s contents rather than only the registry package.

Why it was flagged

The README offers an optional manual installation path from a GitHub repository, which is user-directed but depends on trusting that external source.

Skill content
git clone https://github.com/bitzhuyong/china-tour.git
Recommendation

Prefer the ClawHub install path or review the repository contents before manually copying it into your skills directory.