Skill v1.0.0

ClawScan security

德胧调研报告技能v2 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 20, 2026, 7:19 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill is an instruction-only writing assistant for industry research reports and its declared requirements and runtime instructions are consistent with that purpose; no code, installs, or credential requests were found, though there are minor metadata inconsistencies you may want to confirm.
Guidance
This skill appears to do what it says: it provides templates and methodologies for writing industry research reports and requests no credentials or installs. Before installing or using it: 1) confirm the publisher/owner provenance because the registry metadata and the included _meta.json/version fields don't match; 2) be cautious when supplying private or proprietary data — the skill will ask to gather public sources and may use web access if your agent permits browsing; 3) ask the skill to cite all sources and provide links for any statistics or claims (verify paywalled sources yourself); and 4) if you need integration with paid research providers or confidential company data, prefer a skill that explicitly declares and justifies those credentials.

Review Dimensions

Purpose & Capability
note: The name, description, and SKILL.md all describe a report-writing assistant and the instructions (framework, methodology, sourcing guidance) match that purpose. Minor mismatches exist in metadata/versioning: the registry lists version 1.0.0 while SKILL.md and _meta.json indicate 2.0.0, and the ownerId in the registry metadata differs from the ownerId in _meta.json — these are administrative inconsistencies but do not change the skill's functional scope.
Instruction Scope
ok: Runtime instructions are limited to asking clarification questions, searching public sources, synthesizing data, and drafting reports. They do not instruct accessing local files, environment variables, or transmitting data to third-party endpoints beyond normal web research. No vague 'gather whatever context you need' directives that would grant undue access are present.
Install Mechanism
ok: This is instruction-only with no install spec and no code files, so nothing is written to disk or fetched at install time. This is the lowest-risk install posture.
Credentials
ok: The skill declares no required environment variables, credentials, or config paths. That is proportionate for a report-writing assistant which only needs to access public information and user input.
Persistence & Privilege
ok: The skill is not always-enabled (always: false) and does not request any elevated platform privileges. Autonomous invocation is allowed by default on the platform but is not combined here with broad credentials or other red flags.