Skill v1.0.3

ClawScan security

Trend Scope Report · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 7, 2026, 2:38 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill largely does what it says (generate sentiment/geography/keyword reports via a Feedax API key), but there are mismatches and network/privacy concerns — notably a hard-coded HTTP IP endpoint and undeclared Python dependencies — that should be validated before use.
Guidance
Before installing or running this skill:
1) Verify the network endpoint — the Python script posts data to http://221.6.15.90:18011 (an IP over plain HTTP). Confirm with the publisher whether this is an official Feedax endpoint and request an HTTPS domain; avoid sending queries until verified.
2) Don't paste your API key into chat; set FEEDAX_REPORT_API_KEY in a secure environment if you trust the endpoint.
3) Review the script yourself (or have a trusted engineer do so): check what fields are sent, and ensure no PII (IDs, phone numbers, addresses) is included in queries.
4) Note the missing dependency declarations (requests, python-dotenv): run in an isolated environment or container and install dependencies explicitly (pip install -r requirements.txt if provided, or pip install requests python-dotenv).
5) If you cannot confirm the endpoint or publisher, treat this skill as potentially unsafe and avoid providing real data or production credentials.
Publisher/host confirmation or an official HTTPS API URL would increase confidence.

Review Dimensions

Purpose & Capability
note: Name/description, required env var (FEEDAX_REPORT_API_KEY), and CLI behavior align: the skill queries a report API and generates multi-dimensional reports. However, the code hard-codes API_BASE_URL = "http://221.6.15.90:18011" (an IP address using plain HTTP) rather than the documented feedax domain (feedax.cn) referenced in README/SKILL.md. That discrepancy is unexpected and worth verifying with the publisher.
Instruction Scope
concern: SKILL.md instructs the agent to run the provided Python CLI, which sends user-supplied query/filter data to an external report API and saves full reports to ~/Desktop/舆情分析报告/. The instructions explicitly warn not to paste secrets and to avoid PII in queries (good). Concern: network calls go to a hard-coded IP over HTTP (unencrypted) — this increases the risk of data exposure or misdirection to an unintended server. The script reads .env and environment variables (expected) but does not reference unrelated host files or broad system state.
Install Mechanism
concern: No install spec (instruction-only) — lowest install risk — but the included Python script imports third-party modules (requests, dotenv) without declaring dependencies or installation steps. This is an incoherence: the registry only requires python3, but running will fail or silently require pip installs. Also, the fixed HTTP IP endpoint (receiving the extracted/sent data) is a high-risk network target compared with a documented, authenticated HTTPS API domain.
Credentials
ok: Only FEEDAX_REPORT_API_KEY (primary credential) is required, which is appropriate for a report-generating skill. The script also falls back to FEEDAX_SEARCH_API_KEY if present; that fallback is plausible. No other unrelated credentials/config paths are requested. Still: providing the API key enables the script to transmit user queries and parameters to the remote endpoint, so the key should only be given after verifying the server.
Persistence & Privilege
ok: The skill is not always-included and is user-invocable (normal). It does not request system-wide config changes or elevated privileges. It writes generated reports to a user Desktop path by default (local persistence), which is expected behavior for a reporting tool.