v0.1.2

Novel Writing Assistant (小说写作助手)

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 8:38 AM.

Analysis

The artifacts look like a coherent local novel-writing helper; it creates and remembers project files, but shows no credential use, data exfiltration, or destructive behavior.

Guidance

Before installing, be comfortable with a skill that creates a local novel project tree, runs bash helper scripts for validation, and stores ongoing story memory. Use a dedicated workspace, review generated memory/tracking files, and verify the package source because the artifacts contain unresolved version conflict markers.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
commands/init.md
User provided a directory → use the user's directory; user did not provide one → use the agent working directory + `novel/<项目名>/`

The init command can create a full project tree in a user-chosen directory. This is expected for a writing-project skill, but it is local filesystem mutation that users should scope deliberately.

User impact: The skill may create or update many project files wherever the user tells it to work.
Recommendation: Use a dedicated project/workspace directory and confirm the path before running initialization.

Unexpected Code Execution
Severity: Low | Confidence: High | Status: Note
commands/write.md
bash <skill>/scripts/bash/count-chinese-words.sh <文件路径>

The write workflow invokes a bash helper for word-count validation. This is purpose-aligned, but it means local command execution is part of normal use.

User impact: Using the skill may run local bash helper scripts during chapter validation.
Recommendation: Install only from a trusted source and keep the generated project in a workspace where running these helper scripts is acceptable.

Agentic Supply Chain Vulnerabilities
Severity: Info | Confidence: High | Status: Note
SKILL.md
<<<<<<< HEAD
version: 0.1.0
=======
version: 0.1.2
>>>>>>> 3a77ccf

Unresolved merge-conflict markers in the skill metadata indicate packaging hygiene issues. This does not show malicious behavior, but it is a provenance/quality signal users should notice.

User impact: Version information may be inconsistent, and the package may be less carefully prepared than expected.
Recommendation: Verify the package source/version before relying on it, especially because the registry source is listed as unknown.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low | Confidence: High | Status: Note
commands/learnings.md
When the user mentions a new story setting, the AI automatically appends it to the corresponding file ... Before `/novel write` runs, it must read `.learnings/`

The skill creates persistent project memory that is automatically reused in future writing. This is expected for continuity, but stale, wrong, or private content could influence later outputs.

User impact: Story notes and user-provided details may persist in the project and shape future chapters.
Recommendation: Review `.learnings/`, `.fail-log/`, and tracking files periodically, and avoid storing sensitive personal information there unless you want it reused.