Skillv1.0.5

ClawScan security

Huifu DouGong HostingPay Cashier Preorder · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignApr 14, 2026, 10:25 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The Skill is a documentation/integration helper for Huifu's preorder API and its declared requirements and instructions are consistent with that purpose.
Guidance: This Skill is a documentation/integration guide for Huifu's preorder API and appears coherent with that purpose. Before installing: (1) confirm you trust the skill source/homepage and that you intended to integrate with Huifu; (2) review the referenced base Skill (huifu-dougong-hostingpay-base) to see how signing is implemented and where your RSA private key will be used; (3) never place HUIFU_RSA_PRIVATE_KEY in client-side code or public repositories — keep it in a secure secret store and follow key rotation practices; (4) ensure the notify_url/callback_url you provide meets Huifu's constraints and is only reachable by expected parties; (5) note the metadata inconsistency where the registry says no env vars but SKILL.md lists required config keys — treat the SKILL.md list as authoritative and verify your deployment supplies those secrets securely.

Review Dimensions

Purpose & Capability: okName/description match the content: the Skill is a language-agnostic integration guide for Huifu preorder (H5/PC, Alipay mini, WeChat mini). The required config entries (product id, sys id, RSA keys, notify/callback, project id/title) are appropriate for server-side signing and Huifu integration. Minor metadata mismatch: the registry summary shows "Required env vars: none" while SKILL.md lists required config keys; this appears to be a packaging/metadata inconsistency rather than malicious.
Instruction Scope: okSKILL.md contains API endpoint URLs, request/response fields, code examples and integration rules and does not instruct the agent to read unrelated files, exfiltrate secrets, or call unexpected endpoints. It repeatedly warns not to guess runtime values and points to a base Skill for signing logic.
Install Mechanism: okInstruction-only skill with no install spec and no downloaded code; nothing is written to disk by an installer. This is the lowest-risk install mechanism.
Credentials: okRequested config keys (HUIFU_PRODUCT_ID, HUIFU_SYS_ID, HUIFU_RSA_PRIVATE_KEY, HUIFU_RSA_PUBLIC_KEY, HUIFU_NOTIFY_URL, HUIFU_PROJECT_ID, HUIFU_PROJECT_TITLE, HUIFU_CALLBACK_URL) are reasonable and proportionate for a server-side payment integration that must sign requests and expose notify/callback URLs. Note: HUIFU_RSA_PRIVATE_KEY is highly sensitive — providing it grants the ability to produce valid signed requests, so it must be stored and handled securely by the host environment.
Persistence & Privilege: okSkill does not request always:true and is user-invocable only; it does not request system-wide config changes. Autonomous invocation is allowed by default but is typical for skills and not, by itself, a red flag here.