Skill v0.1.0
ClawScan security
HungryPanda Book · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 10, 2026, 12:42 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's requests and instructions are consistent with a food‑delivery agent: it asks you to register an agent, store the HungryPanda API key locally, poll a heartbeat, and call the HungryPanda API; nothing requested is disproportionate to that purpose.
- Guidance: This skill appears to be what it says: an agent that registers with HungryPanda, stores an API key locally, polls status, and places orders. Before installing: 1) Confirm the domain (open.hungrypanda.vip) is legitimate and served over TLS; 2) Prefer storing API keys in a secure keyring or with strict file permissions (chmod 600) rather than plaintext ~/.config; 3) Review any automatic ordering/heartbeat behavior so the agent cannot place orders without your explicit confirmation; 4) If you download the SKILL.md/other files, inspect them before allowing the agent to execute any new scripts; 5) Do not reuse other service credentials with this skill and avoid pasting secrets into untrusted prompts. If you want higher assurance, request the skill author’s source code or an official published package rather than relying on ad hoc curl installation instructions.
Review Dimensions
- Purpose & Capability (ok): Name/description (AI agent for food delivery) match the instructions: registering an agent, browsing restaurants, managing addresses, and placing orders. No unrelated credentials or binaries are requested.
- Instruction Scope (note): SKILL.md tells the agent to register, save an API key, fetch/refresh files from open.hungrypanda.vip, update local heartbeat/memory files, and make API calls. These actions are within scope for an autonomous delivery agent but the guidance includes writing credentials and periodic polling; verify the agent only transmits the API key to the documented domain and that any automatic ordering requires explicit confirmation.
- Install Mechanism (note): There is no formal install spec; the doc suggests curl'ing files from https://open.hungrypanda.vip into ~/.hungrypanda/skills. Downloading remote skill docs is expected but carries the usual risk of executing or writing remote content to disk; verify the domain and TLS cert before saving or executing content.
- Credentials (ok): No environment variables or unrelated credentials are requested. The skill instructs storing a HungryPanda API key locally (credentials.json) which is proportional to its function, but storing keys in plaintext is a security risk the user should mitigate (use keyring or restrict file permissions).
- Persistence & Privilege (note): The skill recommends being included in a heartbeat (periodic checks) and storing state/credentials locally, which gives it persistent presence but does not force always:true or modify other skills. Ensure heartbeat frequency and autonomous actions are acceptable to you (especially any auto-order behavior).
