Skill v1.0.0
ClawScan security
国内需求挖掘 (Domestic demand mining) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 15, 2026, 5:33 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's description matches its code (scraping and analysis of Chinese social/e‑commerce comments), but there are mismatches and privacy/operational concerns (no declared credentials, unrealistic data-volume requirements, included sample data fails the stated minimum) that warrant caution before use.
- Guidance: Before installing or running this skill:
  1) Review the included scripts (fetch_*.py, clean_data.py, generate_report.py) to see what network endpoints they call and whether they require authentication or external services.
  2) Expect that you may need platform accounts, cookies, or proxies; the skill does not declare or securely manage these credentials.
  3) Check legal and platform ToS compliance for scraping and retaining user content (especially personal identifiers); add explicit anonymization if you must keep quotes.
  4) The SKILL.md demands >=2000 cleaned items, but the included data/cleaned.json contains only 20 items and reports meets_minimum:false; treat the included data as examples, not as proof of capability.
  5) Run the code in an isolated environment, inspect library dependencies (which may be missing), add rate‑limiting and error handling, and avoid exposing credentials in plain text.
  6) If you need guarantees about data handling or access tokens, ask the skill author to clarify how scraping is performed, what authentication is needed, and whether the skill respects platform rules; if this remains unclear, do not run it on sensitive networks or with production credentials.
Review Dimensions
- Purpose & Capability (ok): The name and description (China public social/e‑commerce demand mining) align with the included scripts (fetch_* for xhs/douyin/weibo/ecommerce, cleaning, classification, report generation). The presence of this code supports the stated purpose.
- Instruction Scope (concern): SKILL.md instructs the agent to fetch thousands of comments across many platforms, keep original user quotes and links, prioritize negative feedback, and generate reports. That entails collecting potentially sensitive PII and large-scale scraping. The instructions do not mention obeying platform ToS or rate limits, and require no explicit anonymization beyond a brief '脱敏' (de-identification) note in the report template, which creates scope and privacy concerns.
- Install Mechanism (note): No install spec (no external downloads), so install-time risk is lower. However, the repository ships multiple executable scripts, and running those scripts can perform arbitrary network I/O. There is no declared setup or dependency list, so the actual runtime requirements (Python libraries, crawling frameworks) are unspecified.
- Credentials (note): The skill declares no required env vars or credentials, but real-world scraping of Taobao/Douyin (抖音)/Xiaohongshu (小红书) often needs cookies, API keys, or proxies. The absence of declared credentials is inconsistent with the heavy scraping described. The instructions also ask to retain users' original voices and links (possible PII) without strong de‑identification rules.
- Persistence & Privilege (ok): always:false (the default) and no claims of modifying other skills or system settings. The skill does not request persistent elevated privileges in its metadata.
