Skill v1.0.0
ClawScan security
HV Analysis (Horizontal and Vertical Analysis) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 13, 2026, 5:39 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions and goals are coherent, but it claims to include a PDF-generation script that is absent from the package and points at a GitHub source it neither bundles nor declares fetching. That mismatch, and the runtime downloads it implies, are suspicious and merit caution.
- Guidance: This skill appears to be a genuine research/reporting template, but it claims to include a PDF-generation script that is not present. Before installing or enabling it: (1) Ask the author to supply the missing scripts/md_to_pdf.py and CSS, or to point to an exact, reviewable URL for them. Do not allow the agent to autonomously download and run code from an unreviewed URL. (2) If you must proceed, review any external repository code yourself before permitting execution. (3) Be aware that the skill will perform broad web searches and may collect public PII about people; confirm that this is acceptable for your use case. (4) If you want lower risk, ask for the skill to be modified to return Markdown only (no automatic PDF generation) so you can convert to PDF on a controlled system after reviewing the sources.
- Findings
  - [no_regex_findings] expected: The package is instruction-only with no code files, so the regex-based scanner had nothing to analyze. This is consistent with the absence of code, but it leaves the md_to_pdf.py script claimed in SKILL.md unverified.
Review Dimensions
- Purpose & Capability
  - concern: The skill describes producing a "beautifully formatted PDF research report" using an included scripts/md_to_pdf.py and built-in CSS, but the package contains no code files. For a skill that promises an internal PDF renderer, shipping no script is a capability mismatch. The referenced GitHub repo (https://github.com/KKKKhazix/khazix-skills) may provide the script, but the skill manifest neither includes it nor declares fetching it, leaving an unexplained gap.
- Instruction Scope
  - note: SKILL.md explicitly requires online searching and running parallel subAgents to collect public information (founders, company histories, competitor data). That is consistent with the stated research purpose. The instructions do not ask the agent to read local files, environment variables, or unrelated system paths. They do, however, require collecting potentially sensitive PII from public sources (for example, founder backgrounds), which is expected for this use case but worth noting.
- Install Mechanism
  - concern: There is no install spec (instruction-only), which is low-risk in general. However, SKILL.md asserts an included md_to_pdf.py script and CSS for PDF generation even though no code files are present. That creates ambiguity: the agent may attempt to download or extract code at runtime (from the referenced GitHub repo or elsewhere). Downloading and executing external code at runtime is higher risk and should be explicit and auditable.
- Credentials
  - ok: The skill requests no environment variables, no credentials, and no config paths. That is proportionate to a web-research and writing task. There are no unexplained requests for keys or secrets.
- Persistence & Privilege
  - ok: The manifest's always flag is false, and the skill does not request elevated or persistent system-wide privileges. It does call for network access and subAgent usage (normal for this purpose) but does not try to modify other skills or agent configs.
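The core finding above (the Findings entry and the Purpose & Capability and Install Mechanism concerns) is a gap between what SKILL.md declares and what the package ships, which a regex scanner that only looks at code files cannot see. The script below is an added example of that cross-check; it is not ClawScan's tooling or the skill author's code. It assumes a skill package is a directory with SKILL.md at its root, that referenced files are written as package-relative paths such as scripts/md_to_pdf.py, and it uses a constructed SKILL.md excerpt that mirrors the review's description; the CSS path assets/report.css is a placeholder, since the page gives no path for the CSS.

```python
"""Cross-check a skill package against the files and URLs its SKILL.md claims.

Added example for this review, not ClawScan's or the skill author's code.
Assumed layout: a directory with SKILL.md at its root; referenced files are
written as package-relative paths such as scripts/md_to_pdf.py.
"""
from __future__ import annotations

import re
import tempfile
from pathlib import Path

# Package-relative paths a SKILL.md typically names. The directory set is an assumption.
PATH_RE = re.compile(r"(?<![\w/])((?:scripts|assets|styles|templates)/[\w./-]+\.\w+)")
URL_RE = re.compile(r"https?://[^\s)>\]\"']+")
CODE_EXT = {".py", ".sh", ".js", ".ts", ".rb", ".ps1"}

# Constructed SKILL.md excerpt mirroring the mismatch the review describes.
# The CSS path (assets/report.css) is a placeholder; the page gives no path for it.
SAMPLE_SKILL_MD = """# Company Research Report

Produce a beautifully formatted PDF research report.
Render the Markdown with the included scripts/md_to_pdf.py and the built-in
assets/report.css. Source: https://github.com/KKKKhazix/khazix-skills
"""


def referenced_paths(skill_md: str) -> set[str]:
    """Package-relative file paths named in SKILL.md."""
    return set(PATH_RE.findall(skill_md))


def referenced_urls(skill_md: str) -> set[str]:
    """External URLs named in SKILL.md (candidate runtime fetch targets)."""
    return set(URL_RE.findall(skill_md))


def package_files(root: Path) -> set[str]:
    """Every file actually shipped in the package, as package-relative POSIX paths."""
    return {p.relative_to(root).as_posix() for p in root.rglob("*") if p.is_file()}


def audit(root: Path) -> dict:
    """Compare declared behavior with shipped content and return machine-checkable findings."""
    md = (root / "SKILL.md").read_text(encoding="utf-8")
    files = package_files(root)
    missing = sorted(referenced_paths(md) - files)
    urls = sorted(referenced_urls(md))
    code_files = sorted(f for f in files if Path(f).suffix in CODE_EXT)
    findings = []
    if missing:
        findings.append("capability_mismatch: SKILL.md references files not in the package: "
                        + ", ".join(missing))
    if missing and urls:
        # Missing files next to an external source is the pattern that invites a runtime download.
        findings.append("runtime_fetch_risk: missing files alongside external URLs: "
                        + ", ".join(urls))
    if not code_files:
        findings.append("no_code_files: nothing for a regex-based code scanner to analyze")
    return {"missing": missing, "urls": urls, "code_files": code_files, "findings": findings}


def demo(complete: bool = False) -> dict:
    """Build a throwaway package from the constructed SKILL.md and audit it.

    complete=True also ships the referenced files, showing the findings clear
    once the author supplies what SKILL.md claims.
    """
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "SKILL.md").write_text(SAMPLE_SKILL_MD, encoding="utf-8")
        if complete:
            for rel in referenced_paths(SAMPLE_SKILL_MD):
                path = root / rel
                path.parent.mkdir(parents=True, exist_ok=True)
                path.write_text("# placeholder content for review\n", encoding="utf-8")
        return audit(root)


if __name__ == "__main__":
    for finding in demo()["findings"]:
        print(finding)
```

Run against the constructed package, the audit reports all three findings the review raises: the capability mismatch, the runtime-fetch risk from missing files combined with an external URL, and the absence of code for a regex scanner to inspect. Run with complete=True, which writes the claimed files into the package, it reports nothing, which is the state to ask the author for before enabling the skill. The check is deliberately conservative: a URL next to missing files is flagged as a fetch risk even if the instructions never say "download", because that is exactly the ambiguity the Install Mechanism concern describes.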
