Skill v1.0.0

ClawScan security

ai-sbti-skill-test · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review · Apr 9, 2026, 7:11 PM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's code and scripts mostly match an offline backlink-planning purpose, but there are unexplained secret-handling instructions and a missing config template that make the bundle inconsistent and worth closer review before installing.
Guidance
This skill appears to implement an offline backlink scoring and relay planner and contains no network calls, but the SKILL.md asks you to place a 'secrets' env file in /root/.openclaw/workspace/.secrets, and the runner will source and export every variable from that file. Before installing or running:
1) Open and inspect any env file you put into that path; do not copy credentials you don't understand.
2) Note that the package does not include the referenced config/ai-sbti-skill-test.env.example file (SKILL.md references a template that is missing). Ask the author, or create a minimal env with only the specific flags you need (SITE_URL, INPUT_CSV, etc.).
3) Prefer running the Python script with explicit command-line flags pointing to local CSVs in an isolated environment rather than sourcing an opaque secrets file.
4) If you plan outreach or automated submission steps (not present here), keep those components separate and audited; do not store platform-level API keys or cloud credentials in the advised secrets file.
5) For higher assurance, run the scripts in a sandbox, and consider removing the source/export behavior (the 'set -a; source ENV; set +a' block) or restricting the env file to non-sensitive parameters.

Review Dimensions

Purpose & Capability
note: The name, description, CSV templates, and the Python planner align with a backlink-prioritization tool for aisbti.com. The included scripts only parse CSVs and produce markdown/JSON outputs, so the functionality is coherent with the stated SEO planning purpose. However, SKILL.md instructs storing 'credentials' in a secrets file even though none of the code requires API keys or external services; that guidance is not justified by the planner itself.
Instruction Scope
concern: Runtime instructions ask you to copy a runtime env template into /root/.openclaw/workspace/.secrets and warn 'Never store credentials under skills/'. The runner script will source and export any variables found in that file. The code does not use network calls or external endpoints, so the requirement to place credentials in a secrets file is vague and unnecessary for the planner-only workflow. Also, SKILL.md's quick-start copies from skills/ai-sbti-skill-test/config/ai-sbti-skill-test.env.example, but that file is not present in the package (missing template), which is a coherence issue.
Install Mechanism
ok: No install spec is provided; this is an instruction-only skill with local scripts. No external downloads or package installs are performed by the bundle itself, which is the lowest-risk install profile.
Credentials
concern: The package declares no required environment variables or credentials, yet SKILL.md and the bash runner encourage keeping a secrets file in /root/.openclaw/workspace/.secrets, and the runner will source and export it. The planner only needs file paths and simple flags; requiring or advising arbitrary credentials is disproportionate. Sourcing an unspecified secrets file could expose platform tokens or unrelated secrets to the process environment if the user follows the instructions without auditing the file.
Persistence & Privilege
ok: The 'always' flag is false; the skill does not request persistent or platform-wide privileges, and it does not modify other skills or system-wide agent settings. Autonomous invocation is allowed by default but is not combined with other elevated privileges here.