Skillv1.0.0

ClawScan security

Ai Planner · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignApr 1, 2026, 1:57 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: This skill is internally consistent with its stated purpose: it performs local, deterministic analysis to produce creative briefs, reads bundled config files, and saves brief history to its own memory file; it does not request credentials or perform obvious external network activity.
Guidance: This skill appears coherent and behaves locally: it reads bundled config files and writes its own brief history file. Before installing, consider: 1) Review the full agent.py (the provided file was truncated at the end) to confirm there are no hidden network calls or telemetry. 2) If you may send sensitive product data or user information to the skill, note that prompts are appended to memory/brief_history.md in the skill folder — clear or restrict that file if needed. 3) Verify filesystem permissions or run the skill in an isolated environment if you want to limit persistent storage. 4) The skill recommends external tools (jimeng/liblib) but does not appear to call them; if later integration with those services is added, expect those to require credentials. If you want higher assurance, request a complete, un-truncated agent.py review to confirm the absence of outbound network I/O.

Review Dimensions

Purpose & Capability: okName/description (电商图片需求分析、创意构思、Prompt 优化) match the included code, config files, and SKILL.md. Required artifacts (config/planner_config.json, config/ecommerce_rules.json) are present and directly used by the agent. No unrelated permissions, credentials, or binaries are requested.
Instruction Scope: okSKILL.md limits behavior to parsing user text, generating briefs/prompts, recommending tools, and saving outputs. The agent implementation reads local config files and writes a history file under the skill's memory folder — these actions align with the documented scope. No instructions or code paths in the visible content attempt to read unrelated system files or external credentials.
Install Mechanism: okThere is no install spec (instruction-only deployment) and the skill includes a local agent.py and JSON configs. Nothing in the manifest downloads or executes third-party code during install.
Credentials: okThe skill declares and requires no environment variables, no external credentials, and no config paths outside its own folder. The variables and files it uses are bundled with the skill and are appropriate for its function.
Persistence & Privilege: noteThe agent writes brief records to memory/brief_history.md inside the skill directory (creates the directory if needed). This is expected for a planner that keeps history, but users should be aware that input text (prompts) will be persisted to disk within the skill's folder.