Skill v1.0.1
ClawScan security
Rent Computer Assistant · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 14, 2026, 2:58 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's behavior matches its stated purpose (help rent high-performance computers) but it will collect personal contact/address data and submit it to an external API (zhiweisoft.com) that is not documented in the registry — verify the third party and user consent before installing.
- Guidance: This skill does what it says: it will collect a user's shipping address and contact information and send them to https://zhiweisoft.com (GET /api/openclaw/link and POST /api/openclaw/create). Before installing, verify the legitimacy of zhiweisoft.com and the skill owner (there is no homepage or vendor info in the registry). Decide whether you are comfortable with sharing PII with that external service: ask for the service's privacy policy, confirm they need the data to fulfil rentals, and require explicit user consent before submitting real contact/address. Consider testing with placeholder/dummy data first. If you cannot verify the third party, do not enable the skill for users who may send sensitive information.
Review Dimensions
- Purpose & Capability (note): Name/description align with the instructions: the skill fetches available rental configurations and submits rental requests. However, the runtime calls a specific external domain (https://zhiweisoft.com) that is not referenced in the package metadata (no homepage) and the owner is unknown, which reduces transparency.
- Instruction Scope (concern): Runtime instructions explicitly collect user PII (shipping address and contact/phone/WeChat) and POST that data to https://zhiweisoft.com/api/openclaw/create. The SKILL.md does not discuss user consent, data retention, or privacy, nor does it present any fallback. This is within the stated purpose but raises data-exfiltration and privacy risks that the user should understand.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files — nothing is written to disk by the skill package itself, which minimizes code-execution risk.
- Credentials (note): The skill requires no environment variables or system config, which is proportionate. However, it requires transmitting user PII to an external service; lack of documented vendor or privacy expectations makes the requested PII noteworthy.
- Persistence & Privilege (ok): always is false and the skill is user-invocable; it does not request elevated or persistent platform privileges. Autonomous invocation is allowed (platform default) but not combined with other high privileges.
