Skill v1.0.0

ClawScan security

Ai News Poster · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 7, 2026, 1:42 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code and runtime instructions mostly match the poster-generation purpose, but there are multiple implementation mismatches and behavioral promises in SKILL.md that the included script does not fulfill.
Guidance
This skill is not obviously malicious, but it is inconsistent: SKILL.md promises automatic summary rewriting and filtering when >5 items, while the shipped script will error unless exactly 5 items are provided and will render the headlines/summaries as-is. The script also uses hardcoded top title text and different colors than the markdown spec. Before installing or using it in production:
1) review/modify scripts/render.py if you need the skill to accept >5 items, perform selection/filtering, or rewrite summaries;
2) test the renderer locally with examples/input.sample.json to confirm the visual output matches your brand;
3) ensure Pillow and desired fonts are available on your host (the script tries macOS font paths and falls back to defaults);
4) if you require the poster title to come from input.title, change the hardcoded strings in render.py.
If you need stronger assurance (no hidden behavior), open the full script and run it in a sandbox or have a developer audit the small mismatches noted above.

Review Dimensions

Purpose & Capability (note)
Name/description (generate a 5-item AI news poster) aligns with the provided renderer script that reads JSON and writes a PNG. However, the SKILL.md visual/typography spec (colors, exact title text) and some behavioral expectations (automatic filtering when >5 items, rewriting summaries) are not fully reflected in scripts/render.py. The renderer uses hardcoded top titles ('科创中心' / 'AI热点速报') instead of data.title and uses different color/gradient constants than the hex values in SKILL.md.
Instruction Scope (concern)
SKILL.md instructs the agent to 'rewrite each summary' and to 'keep the most important 5 and explain filtering' when >5 are provided. The included Python renderer enforces exactly 5 items (raises an error otherwise) and simply draws the provided headlines/summaries; it does not perform summarization, sanitization, or selection/filtering. The SKILL.md and actual runtime behavior therefore disagree about preprocessing and automatic content changes. Otherwise, runtime instructions only reference local files and a local Pillow install; there are no network calls or exfiltration instructions.
Install Mechanism (ok)
No install spec; this is instruction + local script only. The only external dependency is Pillow (pip install), which is declared in SKILL.md. No downloads from arbitrary URLs, no package installs beyond pip for a well-known library.
Credentials (ok)
The skill requests no environment variables, no credentials, and no config paths. The renderer reads only the provided input JSON and writes a local PNG; there is no access to unrelated secrets or system configuration.
Persistence & Privilege (ok)
'always' is false and the skill does not request permanent presence or modify other skills or global agent configuration. It only writes its output file and creates output directories as expected for a renderer.