Skill v1.0.0

ClawScan security

早播新闻 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 13, 2026, 2:45 AM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requests and runtime instructions are consistent with its stated purpose: it only describes calling a public Zao Live endpoint to generate share links and does not ask for credentials, install code, or access unrelated system data.
Guidance
This skill is internally consistent: it will call https://zao.live/zaobo/newshare to get a share link and present it as a Markdown link. Before installing or enabling it, consider whether you trust the external domain (zao.live) because using the skill causes your agent to make network requests to that site; if you need stricter privacy, only enable skills that run locally or that you control. If the endpoint later requires authentication or behaves differently than described, the skill may fail or return unexpected results — verify the API behavior with the service owner if you need stronger assurances.

Review Dimensions

Purpose & Capability
ok: Name/description (generate Zao Live share cards/links) match the SKILL.md: the runtime instructions specify calling a single HTTPS endpoint on the same domain (zao.live) to obtain a share URL. There are no unrelated credentials, binaries, or config paths requested.
Instruction Scope
ok: SKILL.md only instructs the agent to GET a public endpoint and format the returned share URL into Markdown. It does not instruct reading files, environment variables, other services, or exfiltrating data beyond calling the stated API.
Install Mechanism
ok: There is no install spec and no code files. As an instruction-only skill, nothing will be written to disk or installed; this is the lowest-risk install model and appropriate for the described function.
Credentials
ok: The skill declares no required environment variables, no primary credential, and no config paths. That is proportionate for a public, unauthenticated HTTP endpoint described in the instructions.
Persistence & Privilege
ok: always is false and the skill does not request elevated or persistent privileges. It does not modify other skills or system configuration. Autonomous invocation is allowed by default but is not combined with other concerning privileges.