Dianping-query
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
NoteMedium Confidence
ASI03: Identity and Privilege AbuseWhat this means
The agent may interact with Dianping while authenticated, so searches could be associated with the logged-in account.
Why it was flagged
The skill may use a logged-in Dianping account/session or ask the user to complete phone/SMS login. This is related to the service being queried, but it is still account access that users should notice.
Skill content
确认登录状态(显示"一定S"即已登录)... 如果未登录,需要用户配合输入手机号和验证码
Recommendation
Only use the skill if you are comfortable with the agent browsing Dianping in that account/session, and avoid entering verification codes unless you intend to log in.