Skill v1.0.0
ClawScan security
daily-gushiwen · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 19, 2026, 7:07 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions and requirements are coherent for a web-scraping, daily-poetry notifier; it makes outbound HTTP requests and uses shell curl, but it doesn't ask for unrelated credentials or installations.
- Guidance
- This skill is internally consistent for scraping and sending daily poetry from gushiwen.cn, but consider the following before installing:
  - Runtime requirements: SKILL.md expects to run curl (exec+curl). Ensure the agent runtime has curl or an equivalent HTTP fetcher and that executing shell commands is acceptable in your environment.
  - Network egress: The skill will make outbound HTTP requests to gushiwen.cn and to ziyuan.guwendao.net (for image URLs). If you run agents in a restricted network or care about data leaving your environment, review your egress rules or sandbox the skill.
  - Message delivery: The skill references a 'message' tool to send text and media. Confirm what messaging integration the agent will use (and whether that tool has access to other data) to avoid unintended data sharing.
  - Legal/terms: This is basic scraping of a third-party site; verify that scraping the site is allowed by the site's terms of service and that you are comfortable with the content license.
  - Safety: Parsing HTML with regex is brittle; test the skill over a few days to ensure formatting and image extraction work and to avoid malformed outputs. If you want to be stricter, require that the skill not run shell exec (or disable autonomous invocation) and instead provide a controlled HTTP client.
  If any of the above is unacceptable (shell execution, outbound requests, or automatic message posting), do not enable the skill, or restrict its permissions or sandbox it first.
Review Dimensions
- Purpose & Capability
- note: The name/description (fetch daily content from gushiwen.cn) matches the instructions (download homepage, parse poems, extract image URLs, assemble message). Minor inconsistency: SKILL.md expects exec+curl or tavily_extract and use of a 'message' tool, but the registry metadata lists no required binaries or tools; this is a documentation gap rather than a functional mismatch.
- Instruction Scope
- ok: Instructions stay within the stated purpose: fetch gushiwen.cn homepage HTML, parse poem/painting/name-quote sections, extract image URLs from <img src="https://ziyuan.guwendao.net/..."> and format/send messages. The instructions do call for executing shell commands (exec+curl) and parsing with regex, which is brittle but consistent. They do not instruct reading unrelated files, accessing credentials, or exfiltrating other system data.
- Install Mechanism
- ok: No install spec and no code files (instruction-only), which is lowest-risk for disk writes. The only runtime dependency implied is a network-capable runtime and a curl binary if exec+curl is used.
- Credentials
- ok: The skill declares no environment variables or credentials and the instructions do not reference any secrets. This is proportionate to its scraping/formatting purpose.
- Persistence & Privilege
- ok: 'always' is false and the skill does not request persistent or cross-skill configuration changes. 'disable-model-invocation' is false (default autonomous invocation), which is normal for skills and is not by itself a red flag here.
