Skill v1.0.0
ClawScan security
菜谱查询 - 即刻数据 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 29, 2026, 6:51 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's code, requirements, and instructions are consistent with a cookbook/query wrapper for the jikeapi.cn service; no obvious exfiltration or unrelated privileges were found, but the provided script was truncated, so review the full file before installing.
- Guidance: This skill appears to be a straightforward Python wrapper for jikeapi.cn cookbook endpoints and only needs one API key. Before installing: 1) Verify you trust the publisher/homepage (https://www.jikeapi.cn) and that the AppKey's permissions are limited. 2) Review the full, untruncated script to ensure there is no hidden behavior beyond what was shown. 3) Be aware the script respects JIKE_API_BASE_URL (not listed in requires.env); if that env var is set in your environment it will change where requests are sent. 4) The script reads a local .env file but only extracts AppKey values; still avoid placing other secrets there. 5) If you cannot review the full file, treat the skill with caution or run it in an isolated environment.
Review Dimensions
- Purpose & Capability (ok): Name/description, required binary (python3), declared primary env var (JIKE_COOKBOOK_QUERY_KEY), and the included script all align with a simple HTTP wrapper for jikeapi.cn cookbook endpoints. The API paths in the code and _meta.json match the stated purpose.
- Instruction Scope (note): SKILL.md instructs running the provided Python script and exporting the AppKey, which matches the code. The script also supports passing the key via CLI and reading a local .env file. It additionally honors an environment variable JIKE_API_BASE_URL to override the API host. This env var is not declared in requires.env and could redirect requests if set, so note that the agent or environment could alter the target endpoint.
- Install Mechanism (ok): This is an instruction-only skill with a small Python script and no install spec. Nothing is downloaded or written during install, which is low risk.
- Credentials (note): The skill requests a single API key (JIKE_COOKBOOK_QUERY_KEY), which is appropriate for this integration. The code also accepts JIKE_APPKEY as an alternative, but only JIKE_COOKBOOK_QUERY_KEY was declared in the registry metadata. Besides the AppKey, the script reads JIKE_API_BASE_URL (undocumented in requires.env) and a local .env file in the script directory; both are plausible for configuration but should be noted.
- Persistence & Privilege (ok): always:false and no install hooks; the skill does not request persistent elevated privileges or modify other skills/configs. Autonomous invocation is allowed (default), which is expected for skills and is not a problem by itself.
