Skill v1.0.0
ClawScan security
Meme Collector 热梗收集器 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 11, 2026, 9:05 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's behavior matches its purpose (collecting memes and writing to a Dify dataset) but the metadata omits the credentials it actually needs and there are a few operational risks you should consider before installing.
- Guidance: This skill appears to do what it says (scrape public pages and write structured entries to a Dify dataset), but the registry metadata doesn't list the Dify credentials it requires — that's a transparency issue. Before installing: (1) verify the skill's source or run it in a sandbox/test agent; (2) only provide a Dify API key with the minimal scope or a throwaway/test dataset ID; (3) consider requiring a manual review step before batch upload to avoid publishing copyrighted or sensitive content; (4) confirm you trust the agent's web_fetch/web_search tools and their network access; (5) if you need stronger assurance, ask the publisher to update the metadata to declare DATASET_ID/API_KEY and to provide a homepage or source provenance.
Review Dimensions
- Purpose & Capability (concern): The SKILL.md and included script clearly require a Dify DATASET_ID and API_KEY (and optionally a proxy) to list and upload documents, but the registry metadata declares no required environment variables or primary credential. That mismatch is incoherent: a dataset-writing skill should have its credential requirements declared.
- Instruction Scope (note): Runtime instructions use web_search and web_fetch to scrape articles and build structured Markdown entries, then call the provided scripts to upload. This is consistent with the stated purpose. However, the instructions permit scraping arbitrary pages and instruct the agent to batch-upload scraped content to Dify; you should ensure content is reviewed before upload (copyright/sensitive-data risk). The SKILL.md also instructs asking the user for credentials if not provided, which is explicit but relies on the user to supply secrets.
- Install Mechanism (ok): No install spec — instruction-only plus a small helper script. No network download/install of third-party binaries or archives. The included Python script is readable and interacts only with api.dify.ai, so install risk is low.
- Credentials (concern): The skill needs Dify credentials (DATASET_ID, API_KEY) and optionally a proxy at runtime, but none of these are declared in the registry metadata. Requesting an API key for the service it uses is proportionate, but the omission in metadata reduces transparency and could cause accidental credential exposure when the agent prompts for them.
- Persistence & Privilege (ok): always:false and no requests to modify other skills or system-wide configuration. The skill does not request permanent presence or elevated privileges.
