Skill v2.1.0
ClawScan security
Xhsfenxi · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 9, 2026, 12:13 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements are consistent with a Xiaohongshu (RED) creator-analysis/reporting tool and do not request unrelated credentials, binaries, or installs.
- Guidance: This skill appears coherent and matches its stated purpose. Before installing or using it: (1) confirm you have Node >=18 if you intend to run the included scripts; (2) understand that deep analysis requires you to provide public links or screenshots—do not upload private credentials or unrelated files; (3) the SKILL references local Python docx tools stored in a separate archive (not bundled), so producing the Word deliverables as described may require you to obtain or run external scripts; (4) if you need higher assurance, inspect the included JS files (they only print templates/prompts) and test in a sandboxed agent environment before giving it access to sensitive data.
Review Dimensions
- Purpose & Capability (ok): Name/description (Xiaohongshu creator analysis → archetypes, topic formulas, Word/Markdown reports) match the included assets: SKILL.md, templates, workflow, and small helper Node scripts that produce prompts/templates. The package.json and scripts are appropriate for generating intake prompts, archetype prompts, and docx-generation plans.
- Instruction Scope (note): SKILL.md explicitly limits itself to public evidence, asks for user-provided links/screenshots, and cautions not to fake access to private detail pages—this stays within scope. Note: the workflow and docx-generation docs reference external/local Python scripts and an archive path (~/Desktop/.../openclaw_cosmo/...), which are not bundled; producing the final .docx as described therefore requires external tools not included with the skill. Also be aware that when you supply screenshots/links you may be sending private content to the agent for analysis.
- Install Mechanism (ok): No install spec; the skill is instruction-first with small helper Node scripts. No downloads from remote URLs or archive extraction are present in the package. Runtime metadata indicates Node >=18, which matches the included scripts.
- Credentials (ok): The skill declares no required environment variables, no credentials, and no config paths. The runtime instructions do not ask for secrets or unrelated system credentials. It only asks for user-provided links/screenshots when deep analysis is required.
- Persistence & Privilege (ok): Skill does not request always:true and uses default agent invocation settings. The package contains only reporting/helper scripts and templates; there is no evidence it attempts to modify other skills or system-level configuration.
