Skillv1.0.0

ClawScan security

Xhs Post Factory · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 10, 2026, 4:35 PM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary: This instruction-only skill is internally consistent with its stated purpose: it transforms local PDF/MD/TXT/JSON inputs into Xiaohongshu post drafts using on-disk templates and writes output files to the input directory; it requests no credentials or installs no software.
Guidance: This skill appears coherent and low-risk in itself, but consider these practical points before enabling: (1) it will read files in the same directory as your input and will write xhs-post.md and xhs-post.json next to them — avoid running it on directories containing sensitive documents; (2) the template can call an optional 'humanizer-zh' skill if present — only enable/trust that complementary skill if you trust it; (3) review generated posts before publishing (the skill intentionally avoids fabricating facts but still relies on the input text); (4) because it's instruction-only, no extra binaries are installed, but the agent performing the skill will need permission to read/write the target folder. If you want stricter limits, run the skill on a copy of the documents or in a directory dedicated to generated content.

Purpose & Capability: okThe name/description (convert documents into Xiaohongshu post drafts, defaulting to paper-interpretation) matches the provided SKILL.md, style guide, and template files. There are no unrelated environment variables, binaries, or install steps requested.
Instruction Scope: noteInstructions operate on local inputs (pdf/md/txt/json) and explicitly read related artifacts in the same directory (e.g., paper-card.md, *_parsed.json) to reuse prior parsing; they always write xhs-post.md and xhs-post.json to the input file directory. This is coherent for the task, but users should note the skill will read other files in the input directory and will create files next to their inputs.
Install Mechanism: okNo install spec and no code files — the skill is instruction-only, which minimizes installation risk (nothing is downloaded or written to disk by an installer beyond outputs the agent writes as normal operation).
Credentials: okThe skill declares no required environment variables, credentials, or config paths. The template optionally references an external 'humanizer-zh' skill if present, but this is optional and does not introduce new declared credentials.
Persistence & Privilege: okThe skill is not always-enabled, does not request elevated persistence, and does not modify other skills' configurations. Autonomous invocation is allowed by default but is normal for skills and is not combined with other concerning privileges here.