Skill v10.0.0

ClawScan security

德胧调研报告技能 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign (Apr 21, 2026, 1:19 AM)
Verdict: Benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill is an instruction-only research-report writing assistant and its requested footprint (no installs, no credentials) matches that purpose, though package metadata contains minor inconsistencies that should be checked before trusting the source.
Guidance
This appears to be a legitimate, instruction-only research-report assistant: it asks for no credentials and imposes no installs. Before installing or using it widely, verify the publisher/source because the package metadata (ownerId, slug, version) in the included _meta.json does not match the registry metadata — this can indicate a packaging mistake or a repackaged skill. Also: (1) confirm how the agent will perform web research (what browsing/search capability it will use), (2) review any citations the skill provides for accuracy, and (3) avoid pasting sensitive data into prompts used with the skill. If you need a skill from an official vendor, prefer skills with matching, verifiable metadata or a published homepage.

Review Dimensions

Purpose & Capability
[note] The SKILL.md content (report frameworks, research methodology, writing guidelines) aligns with the stated purpose of producing industry research reports. The skill does not request credentials, binaries, or access beyond what is needed for writing and web research. However, registry metadata and packaged metadata disagree (different ownerId, slug, and version numbers between the published registry entry and the _meta.json), which is a packaging/authoring inconsistency worth verifying with the publisher.
Instruction Scope
[ok] Runtime instructions remain within the expected scope: asking clarifying questions, gathering industry data from credible sources, analyzing/synthesizing, and drafting reports. The instructions do not direct the agent to read local files, access unrelated environment variables, or exfiltrate data to unknown endpoints. They do assume web-accessible research which is appropriate for the purpose.
Install Mechanism
[ok] No install specification or code files are present (instruction-only). This is the lowest-risk installation model: nothing is written to disk by the skill itself.
Credentials
[ok] The skill does not request environment variables, credentials, or configuration paths. No secrets or external service tokens are required, which is appropriate for a writing/research guidance skill.
Persistence & Privilege
[ok] always: false and user-invocable: true. The skill does not request permanent platform presence or elevated privileges. disable-model-invocation is false (default) which allows autonomous invocation — this is standard and acceptable here given the limited scope and lack of privileged access.