Skill v1.0.0
ClawScan security
热点内容创作助手 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 28, 2026, 11:32 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's purpose (scraping hotspots and producing images/text) is plausible, but the runtime instructions reference local files and a third‑party API key that are not declared in the skill metadata, and the workflow auto‑triggers another skill — those mismatches merit caution.
- Guidance: Before installing or enabling this skill: (1) verify where the UAPI API key is stored and ensure the skill will not exfiltrate it — prefer setting the key in a controlled env variable or replacing it with a placeholder as suggested; (2) inspect the referenced local files (/workspace/imgs/XHS_COVER_STYLE.md, /workspace/imgs/AVATAR_PROFILE.md, /workspace/scripts/humanize_write.md) to ensure they don't contain secrets or unexpected code; (3) confirm the image generation tool is local or from a trusted provider and that network calls are limited to expected endpoints (uapis.cn and your chosen image API); (4) verify the uapis.cn endpoints are the intended service and acceptable for your data; (5) review the humanize-write skill (if present) before allowing this skill to auto‑trigger it; (6) consider running the skill in an isolated environment or with restricted agent permissions until you are comfortable with its behavior.
Review Dimensions
- Purpose & Capability — concern: The declared goal (multi‑platform hotspot harvesting + image and copy generation) matches the instructions (calls to UAPI and image/text generation). However, the SKILL.md expects a UAPI API key and an image generator, yet the registry metadata lists no required env vars or credentials — that's an inconsistency. Source/homepage is unknown, which reduces the ability to verify intent.
- Instruction Scope — concern: Instructions tell the agent to: (a) make parallel API requests to uapis.cn endpoints to fetch platform hotspots, (b) read several files under /workspace (XHS_COVER_STYLE.md, AVATAR_PROFILE.md, /workspace/scripts/humanize_write.md), (c) call an external image generator, and (d) automatically trigger the humanize-write skill. Reading arbitrary workspace files and automatically invoking another skill expands scope beyond just 'generate content' and is not reflected in metadata.
- Install Mechanism — ok: No install spec and no code files — the skill is instruction‑only, so it does not write or execute new code on install. This is the lowest install risk.
- Credentials — concern: SKILL.md requires a UAPI API key and an image generation tool, but the skill metadata declares no required env vars or primary credential. The skill also instructs reading workspace files (which may contain other secrets). Requesting an API key without declaring it in metadata is disproportionate and should be clarified.
- Persistence & Privilege — ok: `always` is false and the skill does not request permanent presence or system config changes. It does instruct autonomous triggering of another skill (humanize-write) after certain steps — autonomous invocation is platform‑normal but increases blast radius if combined with other risks (see other concerns).
