Skill v1.0.0

ClawScan security

downloader · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 9, 2026, 5:35 PM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's declared purpose (extracting video and user data from Douyin/TikTok/Bilibili) aligns with its instructions and included artifacts; it is an instruction-only wrapper around an external API and does not request extra credentials or install software, but the source/host are unspecified so caution is warranted.
Guidance
This skill is an instruction-only wrapper around an external Douyin/TikTok/Bilibili API and otherwise coherent, but take these precautions before installing:
- Provide a trusted base_url/host: the bundled config uses 'xxx' placeholders; point it to a known, reputable API provider. If you leave it pointed to an unknown endpoint, the skill will send requests to that server.
- Understand what data will be sent: the agent will forward query parameters (video IDs, user IDs, etc.) to the configured API. Avoid enabling the skill if your agent has access to sensitive data you wouldn't want transmitted to third parties.
- Because the skill makes outbound network requests, consider limiting autonomous invocation or running it in a restricted environment if you are concerned about accidental data leakage.
- Verify licensing and terms: downloading or scraping content may have copyright or TOS implications for your use-case.
- If you need higher assurance, request provenance (who published the skill, a homepage or source repository) or ask the publisher to replace the placeholder host with their verified API endpoint before use.
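The first two precautions above (pin a trusted host, control what gets forwarded) can be enforced mechanically before the agent is allowed to call the API. The following is an added example written for this review; it is not part of the ClawHub scan, the scanner's output, or the skill's own files. The page only says the bundled config.json carries 'xxx' placeholders in its host/base_url, so the exact key layout, the vetted host name, and the query-parameter allowlist below are assumptions chosen for illustration.

```python
import json
from urllib.parse import urlencode, urlsplit

# Constructed sample config.json contents. The page only tells us the bundled
# config carries 'xxx' placeholders in its host/base_url; the key layout used
# here is an assumption for illustration.
PLACEHOLDER_CONFIG = json.dumps({"base_url": "http://xxx.com", "host": "xxx"})
PINNED_CONFIG = json.dumps({
    "base_url": "https://api.vetted-provider.test/v1",
    "host": "api.vetted-provider.test",
})

# Hypothetical operator allowlist: the one API host you have actually vetted.
TRUSTED_HOSTS = frozenset({"api.vetted-provider.test"})

# Substrings that mark a host as never having been filled in.
PLACEHOLDER_TOKENS = ("xxx", "placeholder", "changeme", "your-", "todo")

# Hypothetical allowlist of query parameters the agent may forward (the scan
# mentions video IDs and user IDs as the kind of data sent to the API).
ALLOWED_PARAMS = frozenset({"video_id", "user_id", "url"})


def check_endpoint(config_text, trusted_hosts=TRUSTED_HOSTS):
    """Validate the skill's configured API endpoint before the agent may use it.

    Returns (ok, reasons). ok is True only when base_url is https, its host is
    neither empty nor a placeholder, the host is on the trusted allowlist, and
    any separate 'host' field agrees with base_url.
    """
    reasons = []
    try:
        cfg = json.loads(config_text)
    except json.JSONDecodeError as exc:
        return False, [f"config.json is not valid JSON: {exc}"]

    base_url = str(cfg.get("base_url", ""))
    parts = urlsplit(base_url)
    if parts.scheme != "https":
        scheme = parts.scheme or "missing"
        reasons.append(f"base_url scheme is {scheme!r}, not https")

    host = (parts.hostname or "").lower()
    if not host:
        reasons.append("base_url has no hostname")
    elif any(tok in host for tok in PLACEHOLDER_TOKENS):
        reasons.append(f"base_url host {host!r} is a placeholder")
    elif host not in trusted_hosts:
        reasons.append(f"base_url host {host!r} is not on the trusted allowlist")

    declared = str(cfg.get("host", "")).strip().lower()
    if declared and declared != host:
        reasons.append(f"host field {declared!r} does not match base_url host {host!r}")

    return (not reasons), reasons


def outbound_url(config_text, path, params):
    """Build the URL the agent would call, refusing unvetted hosts and any
    parameter not on the allowlist, so stray values from the agent's context
    cannot ride along as query parameters."""
    ok, reasons = check_endpoint(config_text)
    if not ok:
        raise ValueError("refusing to contact endpoint: " + "; ".join(reasons))
    extra = sorted(set(params) - ALLOWED_PARAMS)
    if extra:
        raise ValueError(f"refusing to forward undeclared parameters: {extra}")
    base = json.loads(config_text)["base_url"].rstrip("/")
    query = urlencode(sorted(params.items()))
    return f"{base}/{path.lstrip('/')}?{query}"


if __name__ == "__main__":
    for label, cfg in (("placeholder", PLACEHOLDER_CONFIG), ("pinned", PINNED_CONFIG)):
        ok, reasons = check_endpoint(cfg)
        print(f"{label}: {'OK' if ok else 'REJECT'} {reasons}")
    print(outbound_url(PINNED_CONFIG, "/api/video", {"video_id": "7123456789"}))
```

Run it against the skill's real config.json in place of the constructed strings; the placeholder config is rejected on three counts (plain http, 'xxx' host, host field disagreeing with base_url), while an https host on the allowlist passes and only allowlisted parameters are ever placed on the wire.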

Review Dimensions

Purpose & Capability
ok
Name/description match the SKILL.md: the document enumerates many API endpoints for Douyin/TikTok/Bilibili and includes example request/response data. The skill does not request unrelated credentials or binaries. The only oddity is the placeholder host/base_url ('xxx' / 'http://xxx.com'), which means a real API host must be supplied by the operator; that is plausible for a downloader frontend.
Instruction Scope
ok
SKILL.md contains API endpoint docs and parameter examples; it instructs the agent to call those endpoints (via the configured base_url) and does not direct the agent to read arbitrary local files or environment variables beyond the bundled config.json. There are no broader 'gather whatever context you need' directives or hidden steps in the provided excerpt.
Install Mechanism
ok
No install spec and no code files to execute; instruction-only skills are lower risk because nothing is written to disk or fetched at install time.
Credentials
ok
The skill declares no required env vars, credentials, or config paths. It performs network calls to a (user-specified) API host, which is proportionate to its stated purpose. Note: because the host is unspecified, the operator must supply a trusted endpoint, otherwise calls could go to an untrusted server.
Persistence & Privilege
ok
The skill's always flag is false, and there are no instructions to modify other skills or system-wide settings. The skill can be invoked by the agent (default behavior) but does not request elevated or persistent privileges.