Skill v1.0.0

ClawScan security

URL解析工具 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 29, 2026, 2:58 PM
Verdict: suspicious
Confidence: high
Model: gpt-5-mini
Summary
The skill is a simple, local URL parser but its documentation claims additional features (encode/decode, anchor/port extraction, URL building, batch parsing) that the included script does not implement.
Guidance
This skill contains a small, local Python script that is harmless in itself, but the SKILL.md overstates functionality (claims encode/decode, anchor/port extraction, URL building, batch parsing) that the script does not implement. If you plan to use it, inspect the code (scripts/url_parser.py) to confirm it does what you need or update it yourself. Do not supply secrets or sensitive URLs you do not want processed locally. Because the package owner is unknown and the documentation is inconsistent with the code, prefer running the script in a sandboxed environment or locally after review; if you need the additional features, request clarification or a corrected implementation from the publisher before trusting it in automation.

Review Dimensions

Purpose & Capability
concern: The name/description promise URL decomposition, encoding/decoding, URL building, and batch parsing. The actual script (scripts/url_parser.py) only returns scheme, netloc, path, and a dict of query parameters. It does not implement explicit port or fragment extraction, encoding/decoding commands, URL construction, or batch processing described in SKILL.md.
Instruction Scope
concern: Runtime instructions and handler call the provided Python script directly (no unexpected file or network access), which is good. However SKILL.md shows usage examples like "encode 你好世界" and a batch parsing capability; the handler only accepts a single positional argument (a URL) and does not support those subcommands — the instructions are therefore inaccurate and grant the agent authority to run a command that doesn't perform the documented behaviors.
Install Mechanism
ok: No install spec and the script uses only the Python standard library. There is no external download or package installation declared.
Credentials
ok: The skill requests no environment variables, credentials, or config paths — consistent with a small local utility.
Persistence & Privilege
ok: The skill is not always-enabled and allows normal user invocation. It does not request persistent system privileges or modify other skills.