Skillv1.0.2

ClawScan security

中国天气预报查询 (China Weather) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

SuspiciousMar 5, 2026, 2:36 AM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary: The skill appears to be a straightforward web-scraper for weather.com.cn and asks for no credentials, but the packaged Python file was truncated in the provided materials so I cannot fully verify there is no hidden network/exfiltration behavior.
Guidance: This skill is coherent with its description: it runs a Python scraper to fetch weather data from weather.com.cn and needs network access. However, the provided lib/weather_cn.py content was truncated, so you should inspect the complete file before installing or allowing execution. Specifically: 1) confirm there are no additional network endpoints, telemetry callbacks, or suspicious shell executions in the missing portion; 2) run the script in a restricted/sandboxed environment if possible; 3) ensure you are comfortable granting the agent the ability to exec python3 (the skill uses allowed-tools: exec) and that outbound HTTP access to weather.com.cn is acceptable for your environment. If you cannot review the full source, treat this as higher risk and avoid installing.

Purpose & Capability: okName/description match the observed behavior: the skill ships a Python script that searches toy1.weather.com.cn for city codes and scrapes weather.com.cn pages for a 7-day forecast and life indices. Required binary (python3) is appropriate and no unrelated credentials or binaries are requested.
Instruction Scope: noteSKILL.md instructs the agent to run the bundled Python script (allowed-tools includes exec). The instructions are scoped to querying weather data and explicitly note the network dependency (access to www.weather.com.cn). This is expected, but because execution is allowed, review of the full script is necessary before trusting it.
Install Mechanism: okNo install spec — instruction-only with a bundled code file. No downloads or external installers are requested. This is low-risk in terms of install mechanism.
Credentials: okNo environment variables, no credentials, and no config paths are required. The skill only needs outbound HTTP access to weather.com.cn and the toy1 search endpoint, which is proportionate to its purpose.
Persistence & Privilege: okSkill is not always-on, does not request persistent system-wide changes, and does not modify other skills' configs. Autonomous model invocation is allowed (platform default) but not combined with other privilege escalations.