Skill v1.0.0
ClawScan security
Sellersprite Market Statistics · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 29, 2026, 3:33 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill mostly does what it claims (it calls a SellerSprite endpoint), but its metadata does not declare the API key it requires, and the runtime instructions tell the agent to report feedback automatically to a separate external endpoint. The metadata mismatch and the automatic reporting behavior warrant caution.
- Guidance
- This skill appears to implement the SellerSprite category-statistics API, but two issues should be checked before installing. 1) SKILL.md and the script require an environment variable LINKFOXAGENT_API_KEY, but the skill metadata declares no required env vars, so you will need to supply and trust that API key yourself. Verify where the key is obtained and whether it is scoped and rotatable. 2) The skill mandates automatic feedback reporting to a separate feedback endpoint (https://skill-api.linkfox.com). Ask the maintainer exactly what data is sent in feedback (will it include user queries, nodeIdPath, or other sensitive content?) and whether sending it requires explicit user consent. If you want tighter control, insist that the agent prompt the user before sending any feedback content. Also verify that the service hosts (tool-gateway.linkfox.com and skill-api.linkfox.com) are legitimate for your organization and that the Feishu link provided for key retrieval is a trusted internal document. If you cannot confirm these, treat the skill as untrusted until further verification.
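A static consistency check of the kind the guidance above calls for, as an added example (it is not part of the ClawHub scanner or of the skill itself): it collects the environment variables and external hosts that SKILL.md and the script reference, compares them with the env vars the metadata declares and with a host allowlist the installer supplies, and flags auto-send feedback language. The metadata schema (`requires.env`), the sample SKILL.md and script text, and the detection heuristics are all constructed for this example and are not the skill's real files.

```python
import json
import re
from urllib.parse import urlparse

# Constructed sample inputs (not the real skill's files). The metadata
# declares no env vars, while the docs and script reference a key and two
# external hosts, mirroring the mismatch the scan report describes.
METADATA_JSON = json.dumps({
    "name": "sellersprite-market-statistics",
    "version": "1.0.0",
    "requires": {"env": []},          # hypothetical schema for declared env vars
})

SKILL_MD = """\
# Sellersprite Market Statistics
Set LINKFOXAGENT_API_KEY before running the included script.
Results come from https://tool-gateway.linkfox.com.
On error, POST feedback to https://skill-api.linkfox.com. Do not interrupt the user's flow.
"""

SCRIPT_PY = """\
import os, urllib.request
key = os.environ["LINKFOXAGENT_API_KEY"]
gateway = "https://tool-gateway.linkfox.com"
"""

# Ways a skill's text can reference an environment variable: Python os.environ /
# os.getenv lookups, shell-style $VAR, and bare SCREAMING_CASE names that look
# like credentials. The last pattern is a heuristic and may over-match.
ENV_PATTERNS = [
    re.compile(r"""os\.environ(?:\.get)?\s*[\[(]\s*['"]([A-Z][A-Z0-9_]+)['"]"""),
    re.compile(r"""os\.getenv\s*\(\s*['"]([A-Z][A-Z0-9_]+)['"]"""),
    re.compile(r"\$\{?([A-Z][A-Z0-9_]+)\}?"),
    re.compile(r"\b([A-Z][A-Z0-9_]*(?:_KEY|_TOKEN|_SECRET|_PASSWORD))\b"),
]
URL_PATTERN = re.compile(r"""https?://[^\s'"<>)\]]+""")

# Phrases that, next to "feedback", suggest data is sent without asking the user.
AUTO_SEND_PHRASES = ("do not interrupt", "without asking", "automatically send")


def referenced_env_vars(*texts):
    """Return the set of env var names referenced anywhere in the given texts."""
    found = set()
    for text in texts:
        for pattern in ENV_PATTERNS:
            found.update(pattern.findall(text))
    return found


def referenced_hosts(*texts):
    """Return the set of hostnames appearing in http(s) URLs in the given texts."""
    hosts = set()
    for text in texts:
        for url in URL_PATTERN.findall(text):
            host = urlparse(url.rstrip(".,;")).hostname  # drop sentence punctuation
            if host:
                hosts.add(host)
    return hosts


def declared_env_vars(metadata_json):
    """Env vars the metadata declares under the hypothetical requires.env key."""
    meta = json.loads(metadata_json)
    return set(meta.get("requires", {}).get("env", []))


def audit_skill(metadata_json, skill_md, script, trusted_hosts=frozenset()):
    """Compare what the skill says it needs with what its files actually use.

    trusted_hosts is the installer's allowlist; any other host is reported so the
    operator can confirm it is legitimate for their organization.
    """
    undeclared = sorted(referenced_env_vars(skill_md, script) - declared_env_vars(metadata_json))
    untrusted = sorted(referenced_hosts(skill_md, script) - set(trusted_hosts))
    lowered = skill_md.lower()
    auto_feedback = "feedback" in lowered and any(p in lowered for p in AUTO_SEND_PHRASES)

    findings = [f"undeclared env var: {v}" for v in undeclared]
    findings += [f"host not in allowlist: {h}" for h in untrusted]
    if auto_feedback:
        findings.append("SKILL.md instructs auto-sending feedback without user confirmation")
    return {
        "undeclared_env": undeclared,
        "untrusted_hosts": untrusted,
        "auto_feedback": auto_feedback,
        "findings": findings,
    }


if __name__ == "__main__":
    report = audit_skill(METADATA_JSON, SKILL_MD, SCRIPT_PY,
                         trusted_hosts={"tool-gateway.linkfox.com"})
    for line in report["findings"]:
        print("-", line)
```

Run against the constructed inputs with only the gateway host allowlisted, the audit reports the undeclared LINKFOXAGENT_API_KEY, the second host skill-api.linkfox.com, and the auto-send feedback instruction. Declaring the env var in the metadata and allowlisting the feedback host clears the first two findings, which is the state an installer should expect before trusting the skill.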
Review Dimensions
- Purpose & Capability
- note · The name and description match the included script and API reference: the skill posts to a SellerSprite endpoint to return category-level stats. However, the registry metadata declares no required environment variables while SKILL.md and the script require LINKFOXAGENT_API_KEY, so the declared requirements do not match what the skill actually needs.
- Instruction Scope
- concern · The runtime instructions and the script only describe calling the declared API, which is within scope. But SKILL.md also mandates auto-sending feedback to a separate Feedback API when certain conditions are detected, with the instruction 'Do not interrupt the user's flow'. This encourages automatic transmission of feedback (potentially user-provided text or error details) to an external endpoint without stating what data is sent or requiring explicit user confirmation.
- Install Mechanism
- ok · No install spec; this is an instruction-only skill with a small Python script that uses standard library modules. No downloads or archive extraction, so install risk is low.
- Credentials
- concern · The script requires LINKFOXAGENT_API_KEY to authenticate requests to https://tool-gateway.linkfox.com, but the skill metadata lists no required env vars. Requesting a single API key is reasonable for this purpose, but the metadata omission is misleading. The feedback endpoint is also a different host (https://skill-api.linkfox.com); users should understand which key(s) apply to it and what data may be sent to the feedback API.
- Persistence & Privilege
- ok · The skill does not request always:true, does not modify other skills or system settings, and does not persist credentials itself. Autonomous invocation is allowed by platform default and is not by itself flagged.
