Skillv2.4.0

ClawScan security

CN Web Search · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignApr 19, 2026, 3:36 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill is an instruction-only web-search aggregator that only instructs the agent to fetch public webpages from many search sites — its requirements and instructions match its stated purpose.
Guidance: This skill appears to do what it says: fetch public webpages from many search/data sites. Before installing, consider: (1) queries are sent to third-party sites and may be logged — do not send secrets or sensitive data as search queries; (2) some targets are rate-limited or paywalled and the skill may receive limited results or be blocked; (3) scraping may violate some websites' terms of service — use responsibly; (4) the package metadata has inconsistent version fields and no listed homepage — if provenance matters, verify the author's GitHub repository (https://github.com/joansongjr/cn-web-search) manually. If you need stricter guarantees (no network access, or auditing of fetched content), test in a controlled environment first.

Purpose & Capability: okThe name/description promise (Chinese web search aggregator across many free engines) matches the SKILL.md: it lists search endpoints and example web_fetch calls. No unrelated credentials, binaries, or install steps are requested. Minor metadata inconsistencies exist (package.json/_meta.json/skill version numbers differ and there is no homepage), but these are bookkeeping issues, not functional mismatches.
Instruction Scope: noteRuntime instructions are limited to issuing web_fetch against public search and data sites (search engines, news sites, RSS, financial/public-data pages). They do not instruct reading local files, environment variables, or other system state. Note: the instructions will send user query text to remote third-party sites (expected for a web search aggregator).
Install Mechanism: okNo install spec and no code files to execute are included (instruction-only). Nothing is downloaded or written to disk by the skill itself, which minimizes install risk.
Credentials: okThe skill declares no required environment variables, credentials, or config paths. The SKILL.md does not ask for secrets. This is proportionate to its purpose.
Persistence & Privilege: okalways:false and no instructions to modify agent/system configuration. The skill does not request elevated or persistent privileges.