Skill v1.0.0

ClawScan security

求职技能顾问 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 8, 2026, 8:30 AM
Verdict: suspicious
Confidence: high
Model: gpt-5-mini
Summary
The skill's functionality (career/skills advice) is coherent, but the SKILL.md inexplicably embeds a plaintext payment API key and pricing info without any install code or instructions on how that key is used — this is a disproportionate and unexplained artifact that raises concern.
Guidance
This skill's content otherwise fits a career-advice tool, but the SKILL.md contains a plaintext SkillPay.me API key and a per-call fee — information that is unnecessary for a purely instruction-only advisor and could indicate a leaked secret or an attempt to collect payments outside the platform. Before installing: (1) Ask the publisher why the API key is present and how payment is handled; request removal of any private keys from the public skill file. (2) Do not reuse or paste the shown API key into any other system. (3) Prefer skills that use the platform's official billing integration rather than embedding third-party payment credentials. If the author cannot justify the key or provide a safer payment integration, treat the skill as risky and avoid installing it.

Review Dimensions

Purpose & Capability
note: Name and description (job skills advisor) match the SKILL.md content: prompts, supported roles, and example outputs are aligned with the stated purpose. However, the presence of explicit pricing and a plaintext SkillPay.me API key in the instructions is not necessary for a pure advice skill and is unexpected.
Instruction Scope
note: SKILL.md contains only user-facing guidance and example queries and does not instruct the agent to read local files or environment variables. It does include pricing and an API Key value, but it does not include concrete runtime instructions for using that key (no endpoints, no call flow). The inclusion of the key in runtime instructions is unusual and broadens the scope in an unexplained way.
Install Mechanism
ok: No install specification and no code files — lowest-risk installation surface. Nothing is written to disk and no external packages are fetched by the skill itself.
Credentials
concern: The manifest declares no required environment variables or credentials, yet the SKILL.md exposes a plaintext API key (sk_3bf4e744...) and payment instructions. A career-advice skill does not inherently need an external payment API key; embedding such a key is disproportionate and could indicate accidental credential leakage or an attempt to monetize/charge via instructions not authorized by the platform.
Persistence & Privilege
ok: Skill is not marked always:true and uses default invocation settings. It does not request persistent system privileges or attempt to modify other skills or system-wide configuration.