Skill v0.1.0

ClawScan security

Xiaohongshu · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Mar 16, 2026, 8:07 AM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
Instructions are consistent with a tool for summarizing public Xiaohongshu (小红书) pages and author metrics; there are no undeclared credentials or installs, but some guidance is vague around login and rate-limiting so exercise caution.
Guidance
This skill is coherent for analyzing public Xiaohongshu pages, but you should: (1) refuse to provide account credentials, session cookies, or secrets unless you explicitly trust the agent and understand the risk—SKILL.md mentions login state but declares no credentials; (2) monitor and limit the agent's scraping behavior (rate limits, request caps) to avoid ToS violations or triggering platform defenses; (3) be cautious if the agent later requests installation of headless browsers or scraping libraries (these are higher-risk installs); (4) prefer using official APIs or platform-provided endpoints when available; and (5) if you want stronger guarantees, ask the skill author to clarify how login-requiring data is handled and to add explicit safeguards around request frequency and data retention.

Review Dimensions

Purpose & Capability
ok
Name/description (search/summarize public Xiaohongshu notes and author pages) matches the SKILL.md content. The skill asks for no binaries, env vars, or installs, which is proportionate for an instruction-only public-page analysis helper.
Instruction Scope
note
SKILL.md instructs the agent to access public search/author pages and extract specific fields, and it explicitly discourages bulk scraping and automated login. However, some instructions are high-level (e.g., '分页解析' (pagination parsing), '请求频率需控制' (request frequency must be controlled)) and leave implementation discretion to the agent, which could lead to excessive requests or attempts to bypass anti-bot controls if not constrained.
Install Mechanism
ok
No install spec and no code files, the lowest-risk form. Nothing is downloaded or written to disk by the skill itself.
Credentials
note
The SKILL.md mentions '登录态仅用于个人页信息整理' (login state may be used for personal page info) but the skill declares no required credentials or config. This is a mild inconsistency: if the agent later asks for cookies/credentials to access private or account-bound pages, those requests would be outside the declared requirements and should be treated carefully.
Persistence & Privilege
ok
`always` is false and there is no mechanism to persist or modify other skills or system-wide settings. The skill does not request elevated presence.