Skill v1.0.8
ClawScan security
Skywork Excel · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 10, 2026, 1:37 PM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This skill is internally consistent with its stated purpose: it needs a SKYWORK_API_KEY and python3 to upload user files to the Skywork backend and stream progress logs; nothing in the code or instructions appears incoherent or unrelated to Excel/spreadsheet processing.
- Guidance: This skill appears to do what it claims, but be aware of data-flow and privacy implications before installing:
  - The client uploads local files and forwards your query verbatim to an external Skywork backend (api-tools.skywork.ai). Do not send sensitive or confidential files/PII unless you trust the Skywork service and have appropriate agreements in place.
  - The skill requires storing an API key (SKYWORK_API_KEY). Store and manage that key securely and ensure you can revoke it if needed.
  - The SKILL.md explicitly forbids local inspection or sanitization of files (the backend performs file reading). If you need local redaction, do it before invoking the skill.
  - The skill runs a background process, writes progress logs to /tmp, and downloads outputs to your workspace; ensure file locations and log retention meet your policies.
  - No obfuscated code or unexpected network endpoints were found in the shipped scripts; still verify the Skywork privacy/TOS and consider testing with non-sensitive data first.
Review Dimensions
- Purpose & Capability (ok): Name/description, required binary (python3), primary env (SKYWORK_API_KEY), service endpoints (api-tools.skywork.ai) and included client code all align with an external Excel-processing backend. Requested artifacts (file uploads, SSE health/progress) are expected for this purpose.
- Instruction Scope (note): SKILL.md strictly instructs the agent to forward the user's query verbatim and to NOT locally read or reinterpret user files, instead uploading them to the backend. That is coherent with the design (backend does the parsing), but it reduces any chance for local sanitization or redaction and requires forwarding potentially sensitive content unchanged.
- Install Mechanism (ok): No install spec (instruction-only + small python scripts) — nothing is downloaded from arbitrary URLs or written to system locations beyond temporary logs and user workspace; low install risk.
- Credentials (note): Only SKYWORK_API_KEY is required, which is proportional to contacting the external Skywork API. However, the skill uploads user files and forwards raw queries to a third-party service, so the API key and any files you provide effectively grant that service access to the data — a privacy/credential-impact consideration (expected for this functionality).
- Persistence & Privilege (ok): always is false and the skill does not request or modify other skills' configs. It writes logs to /tmp and may write outputs to user workspace, which is expected and scoped to the skill.
