Skill v1.0.0
ClawScan security
Income Explorer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 8, 2026, 12:06 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's purpose (explore AI monetization) is plausible and mostly matches its instructions, but there are inconsistencies (mentions a 'Brave API' without declaring credentials and the use of an 'exec' tool to run analysis scripts is underspecified), which merit caution before installation.
- Guidance: This skill conceptually fits its description, but there are two notable gaps you should resolve before installing: (1) SKILL.md says web_search needs a 'Brave API' key, yet the skill declares no required environment variables — ask the author which API key or credential the skill needs and why, and verify how/where it will be stored; (2) the skill plans to use an 'exec' tool to run analysis scripts but doesn't say where those scripts come from or whether execution is sandboxed — running arbitrary scripts can access local files or network resources. Ask the maintainer to: declare any required env vars/credentials, provide examples of the analysis scripts or confirm they must be supplied by the user, and explain sandboxing or limits on exec. If you cannot get clear answers, avoid enabling the skill or run it in a restricted/test environment; revoke any API keys used for testing if you suspect misuse. Additional information (declared credentials, script provenance, sandboxing details) would raise my confidence and could change the verdict to benign.
Review Dimensions
- Purpose & Capability [note]: Name and description match the runtime instructions: market research, opportunity analysis, report generation and actionable plans. The listed capabilities (browser, web_search, read/write, exec) are reasonable for those tasks. However, the SKILL.md references a 'Brave API' for web_search but the skill declares no required environment variables or primary credential — this is an unexplained mismatch.
- Instruction Scope [note]: Instructions stay on-topic (browse ClawHub/GitHub/Product Hunt/Reddit/知乎, evaluate opportunities, produce reports). Concern: the skill explicitly lists an 'exec' tool to 'run analysis scripts' but does not specify where scripts come from, who supplies them, or any sandboxing constraints — running arbitrary scripts can read local files or network resources unless restricted. The SKILL.md also tells the agent to 'proactively use this skill' on specific user prompts (normal), but does not broaden scope to access unrelated system data.
- Install Mechanism [ok]: Instruction-only skill with no install spec and no code files — lowest-risk delivery mechanism. Nothing is written to disk by an installer step here.
- Credentials [concern]: The instructions mention 'web_search (requires Brave API configuration)' but the skill declares no required environment variables or credentials. That omission is inconsistent: if a web search API key (Brave or similar) is required, it should be declared. Absence of declared credentials prevents auditing what secrets the skill will request or use. Also, 'exec' implies potential need for filesystem or runtime access that isn't described.
- Persistence & Privilege [ok]: Flags show always:false and no special persistent privileges. The skill does not request system-wide config changes or to alter other skills. Autonomous invocation is allowed by default but not combined with other high-risk factors here.
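The two gaps the Credentials and Instruction Scope dimensions raise (a credential named in the instructions while no env var is declared, and an 'exec' tool with no statement of script provenance or sandboxing) can be caught mechanically before install. The following is an added example, not ClawHub's scanner or the skill author's code. It assumes a YAML-style frontmatter with name/tools/env keys, which is an assumption about how a skill could declare these, not ClawHub's documented schema; both SKILL.md samples are constructed, the first reproducing the mismatch described above and the second resolving it the way the guidance asks.

```python
import re

# Added example; the frontmatter layout (name/tools/env) is an ASSUMPTION,
# not ClawHub's documented SKILL.md schema. Both samples are constructed.

# Constructed sample reproducing the scanner's finding: the body says
# web_search needs a Brave API key, 'env' declares nothing, and 'exec' is
# listed with no word on where scripts come from or whether they are sandboxed.
SUSPICIOUS_SKILL_MD = """---
name: income-explorer
description: Explore AI monetization opportunities
tools:
  - browser
  - web_search
  - read
  - write
  - exec
env: []
---
## Tools
- web_search (requires Brave API configuration)
- exec: run analysis scripts
"""

# Constructed sample with the gaps resolved: the key is declared and
# exec is limited to user-supplied scripts in a sandbox.
RESOLVED_SKILL_MD = """---
name: income-explorer
description: Explore AI monetization opportunities
tools:
  - browser
  - web_search
  - read
  - write
  - exec
env:
  - BRAVE_API_KEY
---
## Tools
- web_search (requires Brave API configuration; key read from BRAVE_API_KEY)
- exec: runs only user-supplied scripts inside a sandbox with no network access
"""

# Phrases that usually mean a credential is in play: '<Vendor> API',
# 'API key', 'access token', or an env-var style name ending in
# _KEY / _TOKEN / _SECRET.
CREDENTIAL_RE = re.compile(
    r"\b(?:[A-Z][A-Za-z0-9]* API(?: key)?|API key|access token|secret key"
    r"|[A-Z][A-Z0-9]*(?:_[A-Z0-9]+)*_(?:KEY|TOKEN|SECRET))\b"
)
ENV_NAME_RE = re.compile(r"\b[A-Z][A-Z0-9]*(?:_[A-Z0-9]+)*_(?:KEY|TOKEN|SECRET)\b")
SANDBOX_RE = re.compile(r"sandbox|user-supplied|provided by the user", re.I)


def split_frontmatter(text):
    """Split '---'-delimited frontmatter from the body.

    Parses only the subset needed here: 'key: scalar', 'key: []', and
    'key:' followed by '  - item' lines. Returns (dict, body).
    """
    if not text.startswith("---\n"):
        return {}, text
    end = text.find("\n---\n", 4)
    if end == -1:
        return {}, text
    fm, current = {}, None
    for line in text[4:end].splitlines():
        if line.startswith("  - ") and current is not None:
            fm[current].append(line[4:].strip())
        elif line and not line[0].isspace() and ":" in line:
            key, _, value = line.partition(":")
            key, value = key.strip(), value.strip()
            if value in ("", "[]"):
                fm[key], current = [], key
            else:
                fm[key], current = value, None
    return fm, text[end + 5:]


def audit_skill(text):
    """Return declared tools/env, credential mentions and findings.

    Findings, in check order:
      credential_undeclared  body names a credential but env is empty
      env_var_not_declared   body names a *_KEY/_TOKEN/_SECRET var absent from env
      exec_unsandboxed       'exec' is listed with no provenance/sandbox statement
    """
    fm, body = split_frontmatter(text)
    tools = fm.get("tools", [])
    env = fm.get("env", [])
    mentions = CREDENTIAL_RE.findall(body)
    findings = []
    if mentions and not env:
        findings.append("credential_undeclared")
    if any(var not in env for var in ENV_NAME_RE.findall(body)):
        findings.append("env_var_not_declared")
    if "exec" in tools and not SANDBOX_RE.search(body):
        findings.append("exec_unsandboxed")
    return {"tools": tools, "env": env, "credential_mentions": mentions, "findings": findings}


if __name__ == "__main__":
    for label, doc in (("suspicious", SUSPICIOUS_SKILL_MD), ("resolved", RESOLVED_SKILL_MD)):
        print(label, audit_skill(doc)["findings"])
```

The check is deliberately conservative: it flags a credential mention only when nothing at all is declared, and it accepts any sandbox or provenance statement for exec rather than judging whether that sandbox is adequate. Treat a clean result as "the declarations are consistent", not as a benign verdict; the scanner's guidance about confirming script provenance and revoking test keys still applies.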
