Skill v1.0.0
ClawScan security
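In-depth analysis of Skill packages that outputs a four-part report: feature summary, scenario analysis, flowchart, and scored review, so you can see at a glance the design logic behind excellent skills ub link. · ClawHub's context-aware review of the artifact, metadata, and declared behavior.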
Scanner verdict
Benign, Apr 7, 2026, 11:13 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: Instructions, required resources, and behavior are coherent with a skill-package analysis tool; nothing requested is disproportionate to its stated purpose.
- Guidance: This skill appears coherent and low-risk, but be cautious about what you upload or point it to. Only provide the skill package you want analyzed — avoid giving root or system paths. Do not upload archives that contain secrets (keys, tokens, passwords) unless you are willing to share them. Prefer direct uploads or vetted GitHub links rather than arbitrary HTTP links. Confirm with the agent if it intends to access any path you did not expect before proceeding. If you need extra assurance, request the analyzer run in a sandboxed environment or ask it to list files it will read before analysis.
Review Dimensions
- Purpose & Capability (ok): Name/description match the runtime instructions: the skill analyzes uploaded skill packages, looks for SKILL.md/README, and produces ASCII/Mermaid diagrams and a four-part report. No unrelated credentials, binaries, or installs are requested.
- Instruction Scope (note): Instructions are narrowly scoped to reading a user-supplied package (download link, local path, or uploaded file) and extracting SKILL.md/skill.yaml/README. It explicitly says to decompress in-memory and only use specific files. Minor caution: allowing arbitrary local paths means a user could accidentally point the agent at sensitive local files; the spec does not show explicit checks to prevent reading paths outside the intended package.
- Install Mechanism (ok): No install spec and no code files — instruction-only skill. This is the lowest-risk category and consistent with the stated purpose.
- Credentials (ok): The skill requests no environment variables, secrets, or external credentials. That is proportionate to an analyzer whose inputs are user-provided files/links.
- Persistence & Privilege (ok): always is false and autonomous invocation is default. The skill does not request persistent/system-level privileges or to modify other skills; this is appropriate.
