Skill v0.1.1

ClawScan security

WeChat Article Summarize · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 16, 2026, 5:36 PM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and instructions match its stated purpose (fetch WeChat article pages, extract/clean text, call a summarization CLI, and write structured markdown) with no obvious mismatches or unexplained access requests.
Guidance
This skill appears coherent and does what it says: it fetches pages from mp.weixin.qq.com, cleans text, calls a local/external 'summarize' CLI to produce Chinese summaries, and writes markdown to a directory you choose. Before installing or running:
1) Confirm you trust the 'summarize' CLI referenced by the scripts (inspect that binary or package — it will receive your article text and any env vars you provide).
2) Do not pass an env-file containing unrelated secrets (AWS keys, tokens) — the skill will load any variables in the provided env-file into the subprocess environment.
3) Expect the skill to make outbound HTTP requests to the WeChat article URLs (it sets a browser-like User-Agent); it extracts image URLs but does not download image files by default.
4) Run the workflow in a directory you control and review the generated files before sharing.
If you want extra assurance, run the scripts locally on a test article and inspect the called subprocess (summarize) behavior and environment variables it receives.

Review Dimensions

Purpose & Capability
ok: The name/description match the included scripts: reading mp.weixin.qq.com pages, extracting body/title/images, cleaning text, invoking a 'summarize' CLI to produce Chinese summaries, and writing markdown. Required capabilities (HTTP fetch, file I/O, calling an external summarizer) are consistent with the stated purpose.
Instruction Scope
ok: SKILL.md instructions and the orchestrator script (run_wechat_mindmap_workflow.py) limit actions to fetching specified WeChat URLs, repairing HTML, invoking the summarizer, normalizing text, and writing files to a user-chosen directory. The code does not read unrelated system paths or attempt to exfiltrate data to hidden endpoints; it only extracts image URLs (but does not download them).
Install Mechanism
ok: There is no install spec; the skill is instruction+script based and relies on local Python and an external 'summarize' CLI. No network download/install of arbitrary code is embedded in the skill files.
Credentials
note: The skill declares no required env vars. It supports passing an --env-file to load environment variables into the process (summarize_cn.py implements load_env_file). This is reasonable to supply an API key for the external summarizer, but users should avoid passing env files containing unrelated/privileged secrets because the workflow will import those values into child processes.
Persistence & Privilege
ok: always is false and the skill does not attempt to modify other skills or system-wide agent settings. It writes output files only to user-specified or local working directories.