Skill v1.0.0
ClawScan security
Article to Infographic · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 24, 2026, 12:27 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's stated purpose (convert articles to self-contained HTML infographics) mostly matches the included materials, but there are inconsistencies and a runtime install behavior that warrant caution before installing or running it.
- Guidance: This skill appears to do what it says (generate HTML infographics) and enforces explicit confirmation steps, which is good. Two things to watch out for before installing or running it: (1) The included Python script will try to install Playwright and download Chromium at runtime (via pip and playwright install). That performs network downloads and writes packages/browsers to the environment — run it only in a sandbox or on a machine where you permit new packages. (2) skill.json advertises multiple PNG fallback tools (Selenium, wkhtmltoimage, CutyCapt) but the shipped script implements only Playwright; that mismatch may indicate incomplete implementation. Recommended actions: review the html_to_png.py contents (you have them), run PNG export only in an isolated environment if you need it, or ask the author to provide an explicit install spec (or a packaged binary) and to remove or justify the use of --break-system-packages. If you are uncomfortable with on-demand package installs or external font/CDN calls, use the skill for HTML-only generation and avoid the PNG export step.
Review Dimensions
- Purpose & Capability (note): Name/description, references, templates, and the html_to_png.py script are coherent with an article→infographic generator. However, skill.json advertises a fault-tolerant PNG fallback chain (Playwright → Selenium → wkhtmltoimage → CutyCapt) while the provided script implements only Playwright. The presence of optional dependencies for multiple rendering tools without corresponding code is an inconsistency.
- Instruction Scope (ok): SKILL.md confines actions to acquiring article content (URL/file/text), analyzing it, interactive multi-step confirmations, generating a single self-contained HTML, and optionally exporting to PNG. It explicitly requires user confirmations at several points (good). It references fetching URLs (WebFetch) and reading files provided by the user, which is expected for this skill and is not out-of-scope.
- Install Mechanism (concern): There is no formal install specification; instead, scripts/html_to_png.py will attempt to install Playwright (pip install playwright) and run `playwright install chromium` at runtime via subprocess. Automatic pip/browser installation during execution can download code and write to the environment, and the script uses the pip flag `--break-system-packages`, which can alter system package isolation. Because the skill lacks a declared, reviewed install mechanism and will perform network installs at runtime, this is a moderate risk and should be run in a controlled/sandboxed environment.
- Credentials (ok): The skill requests no environment variables, credentials, or config paths. The references and changelog mention external font CDNs (including China mirrors like fonts.loli.net and fonts.font.im) and third-party illustration sources; these are reasonable for rendering/display but are external network endpoints to be aware of. No credentials are requested, which is proportionate.
- Persistence & Privilege (ok): The skill is not always-included and does not request elevated or persistent platform privileges. The only persistent side-effect implied is installing packages/browser binaries when running the PNG export script; it does not modify other skills or system config beyond installing dependencies.
