Skill v1.0.0

ClawScan security

Market Briefing · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 11, 2026, 7:25 AM

Verdict: benign
Confidence: medium
Model: gpt-5-mini

Summary
The skill's instructions, endpoints, and file I/O are consistent with a scheduled market-news briefing; the main issue is sloppy metadata (it doesn't declare the mcporter/Feishu prerequisites), so verify tool credentials and workspace paths before enabling.

Guidance
This skill appears to do what it says (periodic market-news briefs), but the package metadata omitted required tools. Before installing: (1) Confirm the source/author (homepage unknown). (2) Ensure mcporter and the tavily MCP are intentionally configured and trusted. (3) Verify how the Feishu message tool is configured and where its token/credentials are stored (avoid placing tokens in shared files). (4) Choose a dedicated workspace/memory path and review its contents/permissions, since the skill will read and append the reported-news log. (5) If you plan to schedule autonomous runs, consider testing manually first and inspect a few generated messages to ensure no sensitive data is leaked. If anything is unclear, ask the publisher to update the registry metadata to list required binaries and any env vars/config paths.

Review Dimensions

Purpose & Capability (note)
The declared purpose (scheduled market briefings via Feishu using Tavily/search + web fetch) matches the runtime instructions. However, the registry metadata lists no required binaries or env vars while SKILL.md explicitly requires the mcporter CLI (tavily-remote-mcp) and a Feishu message tool — a metadata/manifest mismatch that should be resolved.
Instruction Scope (ok)
SKILL.md stays within the stated purpose: detect time, run Tavily searches, optionally fetch public news sites, deduplicate against a local log, compose a briefing, and send it via a Feishu messaging tool. It reads and appends to a workspace memory file (reported-news-YYYY-MM-DD.txt) — appropriate for deduplication but worth noting because it gives the skill read/write access to that workspace path.
Install Mechanism (ok)
This is instruction-only (no install spec, no code files). That minimizes install risk. There is no download/extract step in the skill itself. The skill expects external tools (mcporter, Feishu tool) to already be present.
Credentials (note)
The skill does not request environment variables or credentials in the registry, yet it relies on external tools that typically require credentials (e.g., a Feishu bot/token configured in the agent/tooling and mcporter pointing at a Tavily MCP). This is likely an oversight in metadata rather than malicious intent — but you should confirm where Feishu credentials and mcporter configuration live and ensure they are not stored in broadly shared files.
Persistence & Privilege (ok)
The skill's "always" flag is false and the skill does not request permanent/agent-wide privileges. It writes only to a per-workspace memory log and does not modify other skills or global agent config. Autonomous invocation is allowed (platform default) — be aware of the normal blast radius if you enable autonomous runs.