Skill v1.0.1
ClawScan security
Style Learner · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 12, 2026, 2:59 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions and requirements are largely consistent with its stated purpose (extracting style from provided documents), with a minor mismatch around Feishu access details and provenance that you should confirm before use.
- Guidance: This skill appears to do what it says (extract style patterns from documents) and is low-risk as an instruction-only skill, but check the following before installing or using it:
  - Feishu access: The README mentions Feishu integration but the skill declares no Feishu credentials. Confirm how the agent will access Feishu documents (public links vs. private docs requiring API tokens or a connector). Do not supply credentials until you understand where and how they're used.
  - Data sensitivity: Extracted style profiles are saved to MEMORY.md or a team knowledge base. Avoid running the skill on documents that contain secrets or private credentials unless you trust the storage location and access controls.
  - Provenance: The source/homepage is unknown and the README's clone URL is a placeholder. Prefer skills with a verifiable repository or maintainer. Ask the publisher for the canonical repo and review it if possible.
  - Least privilege: If you must provide integration credentials, create a limited-scope token or use a read-only connector rather than full account credentials.

  If you want a stronger assurance, request the skill's canonical source repository and any code that would perform fetching from Feishu so you (or a security reviewer) can confirm precisely how documents are retrieved and where outputs are stored.
Review Dimensions
- Purpose & Capability (note): The skill's stated purpose is to extract writing style from documents (notably Feishu links). README explicitly says 'Feishu integration for document reading', but the skill declares no required environment variables or credentials for Feishu access. This is a modest incoherence: accessing private Feishu docs would normally require credentials or an integration, which the skill does not request or document.
- Instruction Scope (ok): SKILL.md and extract_style.md limit runtime behavior to analyzing documents provided by the user, producing structured style records, and saving results (MEMORY.md or a specified location). There are no instructions to read unrelated system files, exfiltrate data to unknown endpoints, or perform broad system enumeration.
- Install Mechanism (ok): There is no install spec and no code files to execute; the skill is instruction-only. README contains an optional git clone example (a generic placeholder URL), but no automated download or archive actions are specified. Instruction-only skills have lower install risk.
- Credentials (note): The skill requires read access to the documents the user supplies and write access to MEMORY.md or a target knowledge base. It does not declare Feishu API keys or tokens even though it references Feishu document links; if the agent will fetch private Feishu docs, appropriate credentials or connectors will be needed. The lack of declared credentials is a documentation gap but not itself evidence of malicious intent.
- Persistence & Privilege (ok): Flags show the skill is not forced-always and allows normal autonomous invocation. The skill intends to write extracted profiles to MEMORY.md or another knowledge base (expected behavior). It does not request system-wide configuration changes or elevated privileges.
