Skill v0.1.0

ClawScan security

coze-web-fetch · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Apr 4, 2026, 12:17 PM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's code mostly matches its stated purpose (fetching and extracting URL content), but there are mismatches and missing declarations (notably around the external SDK, dependency-install instructions, and credential handling) that make its real runtime requirements and data flows unclear.
Guidance
This skill appears to do what it says (fetch and extract content) but there are gaps you should verify before installing:
1) The script imports 'coze-coding-dev-sdk' but the skill does not declare how/when that package or ts-node/typescript are installed — confirm the runtime will provide these dependencies.
2) The SDK likely sends fetched content to coze's API; ask whether any API key or account is required, and which environment variables or config files (if any) the SDK reads. The skill does not declare required credentials, which is a red flag for possible unintended data transmission.
3) The README claim that 'images are re-signed' is not implemented in the visible code — clarify what 're-signed' means and whether any signing keys are needed.
4) Before using on sensitive URLs, review or vendor-audit the coze-coding-dev-sdk source (or run the fetcher in an isolated environment) to see exactly what data is uploaded and where.
If you need to proceed, require the author to add explicit dependency and env var declarations (and a statement of what data is sent to coze.com) or run the tool in a sandbox.

Review Dimensions

Purpose & Capability
Status: concern
The name/description and the script align: it uses a coze SDK to fetch and extract content. However, the skill requires the external package coze-coding-dev-sdk (imported in scripts/fetch.ts) but the SKILL.md and registry metadata do not declare that package or other Node dependencies (typescript/ts-node). Also, the SKILL.md claims 'Images are re-signed for secure access', which is not implemented in the visible code — that claim is inconsistent.
Instruction Scope
Status: concern
The SKILL.md instructs running 'npx ts-node scripts/fetch.ts', which will execute the script that calls client.fetch(url). That likely sends the fetched document content to the remote coze service (via the SDK) — this network transmission is expected for this purpose but is not documented in SKILL.md (no explicit note that content is uploaded to coze.com). The instructions do not read local files or secrets, but they omit any mention of required credentials or config that the SDK's Config() may load.
Install Mechanism
Status: note
There is no install spec (instruction-only), which is low risk. However, required runtime packages are undeclared: the script imports 'coze-coding-dev-sdk' and is executed with ts-node; SKILL.md only lists 'npx' as required. Without explicit install steps, the script may fail or behave differently depending on the environment. This is an operational/documentation gap rather than direct evidence of malice.
Credentials
Status: concern
The skill declares no required environment variables or credentials, yet it instantiates Config() from an external SDK — that Config may read API keys or other tokens (e.g., COZE_API_KEY or a config file). The absence of declared env vars or a primary credential is disproportionate and hides whether user data will be sent to a third-party service requiring auth. The skill also makes claims (image re-signing) that could imply use of signing keys, but no keys are declared.
Persistence & Privilege
Status: ok
The skill is not always-enabled and does not request elevated or persistent platform privileges. It does not modify other skills or system settings in the visible files.