Skill v1.0.0

ClawScan security

模型消耗统计 (Model Consumption Statistics) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 13, 2026, 3:03 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
Instruction-only skill that coherently documents how to collect session token usage and present cost reports via platform session tools and Feishu message cards; it requests no extra credentials or installs.
Guidance
This skill appears internally consistent and low-risk, but verify two operational details before enabling: (1) Confirm what data the platform 'session_status'/'sessions_list' APIs expose (they may include full conversation text); if they include sensitive content, restrict who can invoke the skill or filter/redact fields before reporting. (2) Confirm how the 'message' tool posts to Feishu (which Feishu account/app is used) and that no unintended data is shared externally. Also check that the model pricing numbers match your billing rates if you rely on the cost calculations. If you want extra safety, allow this skill only for manual/user-invoked reports (disable autonomous invocation where possible) and review generated card previews before sending to external channels.

Review Dimensions

Purpose & Capability
ok: Name/description match the runtime instructions: the SKILL.md only describes collecting session usage (via session_status, sessions_list, sessions_history), computing token/cost metrics, and sending formatted Feishu cards. No unrelated credentials, binaries, or installs are requested.
Instruction Scope
note: Instructions are scoped to reading session data and producing reports sent through the platform 'message' tool (Feishu cards). This is appropriate, but it assumes the 'session_*' tools supply accurate token details and that the 'message' tool is authorized to post to Feishu; verify those tool permissions and what session data they expose (conversation contents may be included).
Install Mechanism
ok: No install spec and no code files; this is an instruction-only skill. Nothing will be downloaded or written to disk by this skill itself.
Credentials
ok: The skill declares no environment variables, credentials, or config paths. That is proportionate for a reporting skill that relies on platform-provided session and messaging tools.
Persistence & Privilege
ok: 'always' is false and the skill is user-invocable (normal). It does not request persistent/enforced presence or modify other skills. Note: the platform default allows autonomous invocation, but that is not unique to this skill and always:false reduces continuous privilege.