Skill v0.1.1
ClawScan security
Tencent Doc Update Watcher · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review · Mar 5, 2026, 5:17 AM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill appears to implement the advertised Tencent Docs re-crawl and diff workflow, but there are implementation/metadata inconsistencies (notably the script uses curl though no required binaries are declared) and it can persist sensitive raw files if run with --keep-raw — review before use.
- Guidance: What to consider before installing/using this skill:
  - The included Python script calls the system 'curl' command to fetch pages. The skill metadata does not declare any required binaries; ensure 'curl' is present or the script will fail.
  - By default the skill deletes raw fetched files, but if you run it with --keep-raw it will save raw HTML, opendoc.js, HTTP headers, and cookie files in the workspace; those files can contain tokens or other sensitive data. Only enable --keep-raw in a trusted/debug setting and inspect files before sharing.
  - The script only contacts docs.qq.com (it builds opendoc URLs and fetches them). If you provide a config with other URLs, those will be fetched; only run with document lists you trust.
  - Run the tool in an isolated workspace directory (not a system or home directory) to avoid accidental overwrites; inspect the snapshots/manifest/report outputs before sharing them.
  - If you need stronger assurance, open and review the full scripts/check-qq-doc-updates.py source included here (it is bundled) to verify there are no additional network endpoints or hidden behaviors, and consider running it in a disposable environment first.
  - If you maintain the skill registry entry, correct the metadata to declare curl (or make the script use Python HTTP libs) so the declared requirements match actual runtime needs.
Review Dimensions
- Purpose & Capability (note): The skill's code implements re-crawling docs.qq.com, extracting opendoc payloads, and producing manifests/reports, which is consistent with the description. However, the runtime requires the system 'curl' binary (the script calls curl via subprocess) even though the skill metadata lists no required binaries; this mismatch is unexpected and should be corrected or documented.
- Instruction Scope (ok): The SKILL.md instructs running the included Python script with a workspace path; the script's behavior matches that scope: it fetches HTML/opendoc payloads, parses and diffs them, writes snapshot manifests and a report, and removes raw files by default. The only notable scope expansion is the optional --keep-raw flag, which will persist raw HTML, opendoc JS, headers, and cookies; these files may contain sensitive tokens and should be used only for debugging.
- Install Mechanism (ok): There is no install spec (no packages downloaded or installed), only a Python script included. This is low-risk from an installer perspective, but the package is not purely 'instruction-only' in practice because it bundles executable code that will be written to disk when installed by the platform.
- Credentials (ok): The skill does not request environment variables, credentials, or config paths. The operations it performs (HTTP fetches of docs.qq.com) are proportional to its stated purpose. Note: temporary cookie/header files are created in the workspace and may contain tokens if documents or the site use them.
- Persistence & Privilege (ok): 'always' is false and the skill does not request persistent platform privileges. It stores snapshots and manifests under a user-specified workspace only; it does not alter other skills or global agent configuration.
