v1.4.2

WeChat Channels POI Group-Buy Monetization (视频号POI团购变现)

Benign

ClawScan verdict for this skill. Analyzed May 2, 2026, 6:05 PM.

Analysis

This appears to be a benign instructional WeChat POI/group-buy guide, but users should not share real WeChat tokens, identity documents, or business credentials and should inspect any maintenance script before running it.

Guidance: Before installing, confirm you trust the publisher and use this skill as an advisory knowledge base. Do not paste full ID numbers, phone numbers, business-license numbers, access_token, appsecret, or API keys into chat. If you adapt its API guidance or run the included index-building script, do so manually after review and with explicit intent.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
references/位置服务管理API速查.md
Add service definition ... Delete service definition ... Add location service authorization ... Delete location service authorization

The reference material documents API actions that can add or remove WeChat POI service definitions and authorizations. This is purpose-aligned documentation, not an automatic tool call, but it could affect a real merchant account if copied into an authenticated integration.

User impact: If used with real credentials, these API actions could change which services appear on a merchant's WeChat location page.
Recommendation: Treat the API material as guidance only; require explicit user confirmation and use placeholders or test credentials unless the user intentionally performs a real integration.

Agentic Supply Chain Vulnerabilities
Severity: Info | Confidence: Medium | Status: Note
metadata
Source: unknown; Homepage: none

The package provenance is not linked to a source repository or homepage. This does not show malicious behavior, but it limits independent verification.

User impact: Users have less external context for who maintains the skill and how its files were produced.
Recommendation: Prefer installing from a trusted publisher and inspect included files before relying on the guidance for business-critical workflows.

Unexpected Code Execution
Severity: Low | Confidence: Medium | Status: Note
SKILL.md
When modifying category data, first edit `categories.json`, then run `scripts/build_index.py` to sync `index.html`.

SKILL.md references manually running a local maintenance script when updating category data. This is a scoped, purpose-aligned maintenance step rather than automatic execution.

User impact: Running local scripts from an unverified package can affect local files, even when the intended purpose is benign.
Recommendation: Do not run the maintenance script automatically; review it first and run it only when intentionally maintaining the skill's category/index files.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
references/位置服务管理API速查.md
Permission requirement: the third-party platform must add location service management permission set 195 and re-authorize

The workflow may involve delegated WeChat location-management permissions. This is expected for POI management, but the permission can be sensitive because it relates to merchant account/location authority.

User impact: Granting the wrong third party this permission could let them manage POI-related services for the merchant.
Recommendation: Only authorize trusted WeChat third-party platforms, verify the requested scope, and avoid pasting real access_token or appsecret values into chat.