Skill v0.1.0

ClawScan security

Watcha Finder · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 28, 2026, 6:25 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's declared purpose (finding and evaluating AI products via watcha.cn) matches the instructions and requirements: it's an instruction-only skill that calls public watcha.cn endpoints and supplements results with web searches, and it requests no credentials or installs.
Guidance
This skill appears coherent and low-risk: it will make live web/API requests to watcha.cn and other public sites to gather product info and may download images or quote reviews. Before enabling: ensure you are comfortable with the agent performing outbound web requests (including to Chinese sites), and avoid supplying any private credentials or sensitive data to the skill (none are requested). If watcha.cn requires authentication in your environment, the SKILL.md does not describe how to supply credentials — be cautious about giving any API keys unless you understand where they're used. If you need offline-only analysis or must avoid external network calls, do not enable this skill.

Review Dimensions

Purpose & Capability: ok
Name/description promise (search, evaluate, recommend AI products via watcha.cn) aligns with the SKILL.md: it documents search, product detail, reviews, and posts endpoints plus categories/tags. No unexpected credentials, binaries, or install steps are required, which is proportionate for a read-only discovery skill. (Minor note: SKILL.md assumes public access to the watcha.cn API without auth.)

Instruction Scope: ok
Runtime instructions are limited to calling watcha.cn API endpoints, parsing review/post structures, and cross-referencing with web sources. The SKILL.md does not instruct reading local files, unrelated env vars, or modifying system state. Caveat: cross-referencing external web sources broadens network activity (normal for product-research tasks) and the skill may fetch images/URLs from remote hosts.

Install Mechanism: ok
No install spec and no code files: instruction-only. This is the lowest-risk install model because nothing is written or executed on disk by the skill itself.

Credentials: ok
The skill declares no required environment variables, credentials, or config paths. That matches its read-only, public-API usage. The SKILL.md includes recommended HTTP headers (Origin/Referer/User-Agent) to emulate a browser; this is plausibly to avoid simple blocks but does not require secrets.

Persistence & Privilege: ok
The always flag is false and the skill requests no persistent system privileges or access to other skills' configurations. It does not ask to be force-included or to store tokens.