Skill v1.0.0
ClawScan security
连续短剧剧情构建 (Serial Short-Drama Plot Construction) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review: Mar 6, 2026, 7:35 AM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill appears to implement a local story-generation pipeline, but the documentation and code disagree about key behaviors (remote graph API vs local storage, retry limits, and some unimplemented methods), so the package is internally inconsistent and needs clarification before trusting it.
- Guidance: Before installing or running this skill, note three mismatches that need clarification: (1) SKILL.md advertises a remote graph API (https://framedream.art/...) and says graph storage uses that endpoint, but the included GraphManager saves/loads local JSON files and contains no HTTP calls — ask the author which is authoritative. (2) The documentation says AI-review retries are limited to 3, but pipeline.py contains comments and messages indicating unlimited retries; decide which policy you want and update code/docs. (3) AIReviewer.review_episode is a stub; the design expects an LLM to produce the review JSON. If you plan to run the pipeline, verify how reviews are produced (local logic vs external LLM) and whether any prompts will send full episode content to external services. If you are uncomfortable with potential network calls to framedream.art or with indefinite automatic retries, run the skill in an isolated environment and/or request the author to: remove or document any remote endpoint usage, implement/clarify retry limits, and explicitly state where review LLM invocations occur and what data is sent. If you accept the local-only behavior, inspect and back up the data/ directory (it will contain persistent story data) and run tests with dummy pipelines first.
Review Dimensions
- Purpose & Capability
- concern: The skill's stated purpose (pipeline + graph management + AI review) matches the included code shape, but SKILL.md repeatedly describes a remote '图谱接口' (graph API, https://framedream.art/...) and says graph storage is via a network endpoint. The actual GraphManager implementation in scripts/graph_manager.py uses local JSON files under data/graphs and contains no network calls. This mismatch (remote API referenced in docs but not used in code) is unexplained and could lead to surprising behavior if a user or integrator follows the docs instead of the code.
- Instruction Scope
- concern: SKILL.md instructs the agent to call graph endpoints and states '图谱存储:通过远程接口存储,需要网络连接' (graph storage: stored via a remote API, network connection required), yet the code stores graphs locally. The SKILL.md also documents '最多3次' (at most 3) retries on AI review, while pipeline.py's comments and process_ai_review logic indicate retries may be unlimited. Additionally, ai_reviewer.AIReviewer.review_episode is unimplemented (pass) and the module's design expects an external LLM to produce JSON review outputs. These inconsistencies give the agent ambiguous discretion about network use and retry behavior.
- Install Mechanism
- ok: No install spec and no external dependencies or download URLs are declared; the skill is instruction/code-only and writes files under its workspace. That lowers installer risk — nothing in the package pulls arbitrary code from the network during install.
- Credentials
- ok: The skill declares no required environment variables, credentials, or config paths. The code also does not reference environment secrets or external auth. This is proportionate to its stated functionality.
- Persistence & Privilege
- note: The skill persists state to data/pipeline_state.json and stores graphs under data/graphs (read/write). It is not always:true and does not alter other skills or system-wide settings. Still, persistent local storage of generated content means user data (generated episodes) will remain on disk; if the docs' remote endpoint were used by an operator, that could add network persistence/exfiltration risk.
