Skill v1.0.0

ClawScan security

Douban Movie Movie Reviews API · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 23, 2026, 5:52 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
This skill is a straightforward wrapper around JustOneAPI's Douban movie-reviews endpoint and its requirements and instructions align with that purpose.
Guidance
This skill appears to do only what it claims: call JustOneAPI's Douban reviews endpoint. Before installing, consider:
1) Keep JUST_ONE_API_TOKEN limited (rotate/revoke if exposed), and avoid running the CLI form with your token visible on shared machines because command-line arguments can be seen in process listings — prefer a variant that reads the token from a protected environment variable or a file with restricted permissions.
2) Expect the skill to send requests to https://api.justoneapi.com and to print the API response (and backend error payloads) to stdout/stderr; do not run it on systems where those outputs might be captured and leaked.
3) Verify the token source (JustOneAPI dashboard) and the permissions associated with the token before use.
Overall the artifact is internally consistent and coherent with its described purpose.

Review Dimensions

Purpose & Capability
Status: ok
Name, description, manifest, and included files consistently describe a single GET endpoint (/api/douban/get-movie-reviews/v1). Requested items (node binary and JUST_ONE_API_TOKEN) are appropriate and expected for a small CLI helper that calls an external API.
Instruction Scope
Status: note
SKILL.md limits runtime actions to calling the documented endpoint and asking for missing parameters. It instructs passing the API token via --token "$JUST_ONE_API_TOKEN". Note: passing a secret as a command-line argument exposes it in process listings on multi-user systems; consider reading the token from an environment variable inside the script or another mechanism if running on shared hosts. The script prints backend payloads and errors to stdout/stderr as described.
Install Mechanism
Status: ok
No external install/spec is included; the package is instruction-only with a single local Node script (bin/run.mjs). No downloads from remote URLs or archive extraction are performed by the skill itself, so installation risk is low.
Credentials
Status: ok
Only one credential is required (JUST_ONE_API_TOKEN) and it is marked as the primary credential. That matches the stated need to authenticate to JustOneAPI; no unrelated secrets or config paths are requested.
Persistence & Privilege
Status: ok
The skill does not request permanent/system-wide presence (always: false), does not alter other skills' configs, and has no install-time actions. Autonomous invocation is allowed by default but is normal for skills and not combined with other red flags here.