Skill v1.0.1
ClawScan security
Package Track · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 12, 2026, 8:19 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code, instructions, and requirements match its stated purpose (querying courier tracking via 快递鸟/Kdniao); it requests no unrelated credentials or unusual installs.
- Guidance
- This skill appears to do exactly what it says: it posts signed requests to 快递鸟 (Kdniao) and returns the API response. Before installing, (1) keep your Kdniao EBusinessID and ApiKey out of source control (package_tracker.json should not be committed); (2) verify the GitHub homepage/repository matches the publisher you trust; (3) be aware the skill will make outbound HTTP(S) requests to Kdniao endpoints (ensure network policy allows that); and (4) run or inspect the included Python files locally if you want extra assurance (they're short and readable). If you need support for additional providers, review/validate any new provider modules before adding credentials.
Review Dimensions
- Purpose & Capability
- ok · Name/description match the included Python package and CLI. Required binary is only python and the code implements a Kdniao provider and a registry for additional providers — all appropriate for a package-tracking skill.
- Instruction Scope
- ok · SKILL.md instructs storing provider credentials in package_tracker.json and running the provided CLI or importing get_tracker(). The runtime instructions and code only read package_tracker.json (in CWD or explicit path) and call Kdniao endpoints; they do not request unrelated files, environment variables, or external endpoints beyond Kdniao.
- Install Mechanism
- ok · No install spec is provided (instruction-only from the registry's perspective). The bundle includes plain Python source (no third-party downloads or archive extraction). No suspicious installer URLs or extracted archives are present.
- Credentials
- ok · The skill declares no required environment variables or credentials. It expects API credentials to be placed in package_tracker.json (local config), which is proportional to its function. The code does not read other env vars or secrets.
- Persistence & Privilege
- ok · always is false and disable-model-invocation is default (agent may call autonomously, which is normal). The skill does not request persistent system-wide privileges or modify other skills' configs.
