Skill v1.0.1
ClawScan security
China Express Query · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 13, 2026, 10:32 PM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements are coherent with a simple courier-tracking tool that queries third‑party public APIs (kuaidi100 / Baidu); nothing requests unrelated credentials or system access.
- Guidance: This skill appears to do exactly what it says: a Node CLI that queries public courier tracking APIs. Before installing, consider that it will make outbound HTTP requests to third‑party services (kuaidi100 and a Baidu endpoint) and send whatever tracking numbers you provide — if those numbers are sensitive, avoid passing them or run the script locally. No credentials are requested. If you need stricter guarantees, review the small script (scripts/query.mjs) yourself; it is concise and easy to audit.
Review Dimensions
- Purpose & Capability (ok): Name/description match the implementation: a Node CLI that detects the courier company from a tracking number and queries public tracking APIs. The only required binary is node, and no unrelated secrets are required, which is proportionate to the stated purpose.
- Instruction Scope (ok): SKILL.md instructs running the provided script with a tracking number and optional flags. The runtime behavior is limited to network queries to kuaidi100 and a Baidu query endpoint, formatting output, and optionally writing the output to a file. The instructions do not ask the agent to read unrelated files or environment variables, or to transmit unrelated data.
- Install Mechanism (ok): No install spec; the skill is instruction-only with a small included script. This has low install risk; nothing is downloaded from arbitrary URLs or added to system paths.
- Credentials (ok): The skill requests no environment variables or credentials. The only external interaction is HTTP GETs to public APIs for tracking info, which is appropriate for this functionality.
- Persistence & Privilege (ok): The skill is not always-enabled, is user-invocable, and does not modify other skills or system-wide settings. It only writes an output file if the user supplies --output.
