Skill v1.1.0
ClawScan security
Ai Writing Assistant Cn V1.1 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 2, 2026, 11:41 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: This is an instruction-only Chinese writing assistant that reads like marketing copy: it makes several claims (collaboration, version history, plagiarism/SEO, API) that imply external services or storage but provides no code, install steps, or credentials — the capability claims and the implementation surface are inconsistent.
- Guidance: This skill appears to be a marketing-style, instruction-only assistant: it can reasonably provide templates, rewrite text, give writing guidance, and score text based on heuristics. However, features like real-time collaboration, version history, plagiarism checking, and an API usually require a backend, storage, or third-party services — none of which are present in the package. Before installing or relying on it, ask or verify: (1) Does it actually integrate with a collaboration backend or is collaboration simulated as chat instructions? (2) Where (and for how long) is any user text stored if version/history is supported? (3) How is '查重' (plagiarism) implemented and does it send content to external services? (4) Will the skill ever request credentials, files, or permission to call external APIs at runtime? If you need true team features, prefer a skill with explicit integration details (APIs, storage, required env vars) or a published source/homepage. If you only need a conversational writing helper (templates, rewriting, scoring), this instruction-only skill is low-risk but may not deliver the advertised backend features.
Review Dimensions
- Purpose & Capability (concern): The SKILL.md advertises collaboration (实时协作), version history (保留10个历史版本), 查重 (plagiarism), and an API/enterprise tier — features that normally require backend services, storage, or external integrations. However the skill is instruction-only, with no code, install spec, required env vars, or config paths. That mismatch suggests the manifest is marketing-oriented: either the skill only simulates these features as conversation (which should be stated), or it omits necessary integration details.
- Instruction Scope (note): The SKILL.md contains only user-facing prose, templates and example prompts; it does not instruct the agent to read local files, access environment variables, call external endpoints, or write data. That keeps runtime scope limited and low-risk, but the instructions are vague about how advertised features are implemented (e.g., how '协作编辑' or '版本历史' would function).
- Install Mechanism (ok): No install spec and no code files are present. This minimizes risk because nothing is written to disk or fetched during install. The lack of an install mechanism is coherent with an instruction-only skill, but it also reinforces the capability mismatch noted above.
- Credentials (note): The skill requests no environment variables, credentials, or config paths. That is safe and privacy-preserving, but also inconsistent with advertised features (team collaboration, API, plagiarism checks) that would typically require credentials, storage, or third-party services. The absence of declared credentials could mean the skill only provides guidance and simulated features via chat.
- Persistence & Privilege (ok): always is false, and there are no instructions suggesting the skill will persist or modify system/agent configuration. The skill does not request elevated presence or cross-skill config access.
