Skill v1.0.0

ClawScan security

友行 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 12, 2026, 7:35 AM
Verdict
suspicious
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions are mostly consistent with querying a club API, but there are clear mismatches (notably it assumes a Node runtime while the manifest declares no required binaries and the source is unknown), so proceed with caution.
Guidance
This skill appears to do what it says (query activities from api.cumen.fun) but note two practical cautions: (1) The runtime instructions require Node.js (they run 'node -e'), yet the manifest does not declare Node as a required binary — ensure your agent environment actually has Node available or the snippets won’t run. (2) The skill calls an external API (api.cumen.fun) and may return precise addresses and coordinates; only use it if you trust that endpoint. The skill's source and homepage are unknown, so if you need stronger assurance, ask the publisher for the source repo or a trusted homepage, or run the requests from a sandboxed environment and inspect responses before exposing them to users.

Review Dimensions

Purpose & Capability
concern
The skill claims to query 友行 club activities and the included Node scripts call api.cumen.fun endpoints with clubId/campaignId, which aligns with the stated purpose. However, the SKILL.md executes node via inline 'node -e' snippets while the skill metadata lists no required binaries — that is an incoherence (the agent environment must provide Node.js for the instructions to run). Also SKILL.md declares API_BASE but the example code uses explicit endpoint URLs, a minor mismatch.
Instruction Scope
note
Instructions only perform HTTPS POSTs to api.cumen.fun to list campaigns or get campaign details and then map/format the response to JSON or Markdown. They do not read local files, environment variables, or other system state. Note: the responses include potentially sensitive fields such as exact address and latitude/longitude — this is expected for an activity/location lookup but users should be aware location data may be returned.
Install Mechanism
ok
No install spec or external downloads are present; this is an instruction-only skill (no code files to install), which minimizes install-time risk.
Credentials
ok
The manifest requests no environment variables, credentials, or config paths. The SKILL.md hardcodes CLUB_ID and API URLs inside the instructions rather than requesting secrets, so no unexpected credential access is requested.
Persistence & Privilege
ok
The skill is not always-enabled and does not request elevated persistence or modify other skills. Autonomous invocation is allowed (platform default) but not combined with other red flags here.