Skill v1.0.1
ClawScan security
卖家之家 (cross-border e-commerce) private message query and sending · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 12, 2026, 4:31 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requests and runtime instructions are coherent with its stated purpose (querying and sending private messages on 卖家之家) and only require a single API key; no unexpected installs or unrelated credentials are asked for.
- Guidance: This skill appears to do only what it says: call mjzj.com message APIs using a single MJZJ_API_KEY. Before installing, confirm the API key you provide is for the intended mjzj account and has the minimum scope needed. Be cautious about granting any agent-wide access to the key (rotate it if needed), and verify the skill's homepage/owner if you will use it for sensitive private messages. If you don't trust the publisher, avoid supplying your real API key or create a dedicated scoped key for this skill.
Review Dimensions
- Purpose & Capability: ok. Name/description match the declared behavior: the SKILL.md only documents three messaging APIs on mjzj.com and requires a single MJZJ_API_KEY. There are no unrelated credentials, binaries, or config paths requested.
- Instruction Scope: ok. Runtime instructions are limited to calling the three specified endpoints (getConversations, getMessages, sendMessage) with Authorization headers and handling common HTTP status codes; they do not instruct reading arbitrary files, other env vars, or exfiltrating data to third-party endpoints.
- Install Mechanism: ok. No install spec and no code files — instruction-only skill — so nothing is downloaded or written to disk by the skill itself.
- Credentials: ok. Only one env var (MJZJ_API_KEY) is required and it is clearly the API bearer token needed to call the documented endpoints; no additional secrets or unrelated credentials are requested.
- Persistence & Privilege: ok. always is false and the skill does not request persistent system-wide modifications. Autonomous invocation is allowed (platform default) but not combined with other concerning privileges.
