Skill v1.0.0
ClawScan security
6大平台热搜聚合 (Hot-Search Aggregation Across 6 Major Platforms) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 17, 2026, 4:23 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent: it fetches public hot-trend lists from the six named Chinese platforms using an included Python script, requires no credentials or installs, and its runtime instructions match its stated purpose.
- Guidance: This skill appears to do what it says: it runs a Python script that queries public platform endpoints and prints aggregated hot-trend lists. Before installing: (1) be aware it makes outbound network requests to third-party sites (no credentials are sent), so use in environments where such traffic is acceptable; (2) if you need stronger guarantees about privacy/safety, run the script in a sandbox or inspect the code locally (the repository includes the full Python script); (3) note that scraping public endpoints can break if platforms change their APIs or rate-limit/block requests; and (4) if you rely on the --recommend AI feature, check how you will generate text (the skill itself doesn't require model credentials but may output recommendations you then use).
Review Dimensions
- Purpose & Capability (ok): Name/description claim to aggregate hot/trending lists from Zhihu, Weibo, Baidu, Bilibili, Douyin, and Toutiao; the included script contains platform-specific fetch_* functions and URLs for each service. No unrelated credentials, binaries, or system access are requested.
- Instruction Scope (note): SKILL.md instructs the agent to run the provided script with options (--platform, --limit, --json, --recommend). The instructions and script stay within the claimed scope (fetching and formatting public trend data). Minor note: SKILL.md states a '双层降级' ("two-tier fallback") SSL fallback; the script attempts to handle SSL errors but does not disable verification. This is an implementation detail, not a scope expansion. The skill triggers on specific keywords (expected for a hot-trends skill).
- Install Mechanism (ok): No install spec; code is instruction-only with a packaged Python script. Nothing is downloaded at runtime, and no external install steps are required. This low-risk arrangement is appropriate for the stated functionality.
- Credentials (ok): The skill declares no required environment variables, no credentials, and no config paths. The script only makes outbound HTTP(S) requests to public endpoints; there is no use or request for secrets or unrelated service tokens.
- Persistence & Privilege (ok): `always` is false and the skill is user-invocable. It does not request permanent presence or attempt to modify other skills or system-wide agent settings. Autonomous invocation (default platform behavior) is unchanged.
