Back to skill
Skillv1.0.0
ClawScan security
S.H.I.T Journal 论文推荐 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 8, 2026, 3:36 AM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's requirements and runtime instructions are coherent with its stated purpose (randomly recommending spoof 'S.H.I.T Journal' papers) and it doesn't request extra credentials or install code, but it instructs web browsing of an external, unknown site which has some operational and content risks.
- Guidance
- This skill appears internally consistent, but before installing consider: (1) the skill instructs the agent to browse an unknown external site (https://shitjournal.org) — that site could host NSFW content, tracking, or malicious pages; (2) some pages may require login or display consent dialogs — the skill gives no safe fallback if credentials are requested; (3) if you have policies restricting external web access or NSFW material, restrict the agent's browser tool or review fetched pages manually; (4) if you want greater assurance, verify the target site's safety and provenance or modify the SKILL.md to limit navigation (e.g., disallow external redirects or stop on login prompts).
Review Dimensions
- Purpose & Capability
- okName/description (randomly recommend spoof journal papers) match the instructions: they tell the agent to visit the journal site, list papers, pick one at random, and format output. No unrelated credentials, binaries, or installs are requested.
- Instruction Scope
- noteSKILL.md explicitly instructs the agent to use a browser tool to visit https://shitjournal.org/preprints, click through regions, handle an 18+ consent prompt, and possibly follow login-protected pages. These actions are consistent with fetching articles but do involve interacting with an external, unknown website and potentially NSFW content or pages requiring authentication.
- Install Mechanism
- okNo install spec, no code files — lowest-risk instruction-only skill. Nothing is written to disk by an installer.
- Credentials
- okSkill declares no environment variables, credentials, or config paths and the instructions do not request any secrets. There is no disproportionate access requested.
- Persistence & Privilege
- okalways is false and the skill does not request persistent or system-level privileges. Autonomous invocation is allowed (platform default) but not combined with other high-risk factors.