Raccoon Data Analysis

Audited by ClawScan on May 10, 2026.

Overview

The skill is mostly aligned with remote Raccoon data analysis, but its artifact downloader trusts server-provided filenames and can therefore write outside the intended output folder.

Use this skill only for files you are allowed to send to Raccoon, verify RACCOON_API_HOST is a trusted HTTPS endpoint, and protect RACCOON_API_TOKEN. Before relying on artifact downloads, the skill should be patched to sanitize server-provided filenames and ensure downloads cannot write outside ./raccoon/dataanalysis.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A downloaded result could overwrite local files outside the intended output folder if the remote service returns an unsafe filename.

Why it was flagged

The artifact filename comes from remote API metadata and is written locally without rejecting absolute paths or ../ traversal. A malicious or compromised provider response could cause writes outside ./raccoon/dataanalysis.

Skill content

filename = art.get("filename", f"artifact_{art.get('timestamp', 'unknown')}")
...
local_path = os.path.join(output_dir, filename)
...
with open(local_path, "wb") as f:
    f.write(resp.content)

Recommendation

Sanitize artifact filenames with a basename/allowlist, reject absolute paths and path separators, resolve the final path, and verify it remains inside the output directory before writing.
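One way to implement that recommendation, shown here as an added example in Python that is not part of the skill or of the ClawScan report: resolve_artifact_path, is_safe_artifact_name, write_artifact, the allowlist regex and the sample metadata are assumptions made for this example; the names art, output_dir, local_path and the fallback artifact_{timestamp} mirror the flagged snippet, and the already-downloaded bytes stand in for resp.content.

```python
import os
import re

# Allowlist (assumed policy): letters, digits, dot, underscore, hyphen, at most
# 255 characters, and the first character must be alphanumeric so that ".",
# ".." and dotfiles are excluded. Separators are excluded by construction.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,254}$")


def resolve_artifact_path(output_dir, filename):
    """Return the absolute path under output_dir where a server-supplied
    filename may be written, or raise ValueError if the name is unsafe."""
    if not isinstance(filename, str) or not filename:
        raise ValueError("artifact filename missing or not a string")
    # Reject anything that is not a bare file name: absolute paths and path
    # separators of either flavour (the latter also covers "C:\\..." prefixes).
    if os.path.isabs(filename) or "/" in filename or "\\" in filename:
        raise ValueError(f"path components not allowed: {filename!r}")
    if os.path.basename(filename) != filename or not _SAFE_NAME.match(filename):
        raise ValueError(f"filename outside allowlist: {filename!r}")

    # Resolve both sides (follows symlinks) and verify containment, so that
    # the check holds even if output_dir itself is a symlink.
    base = os.path.realpath(output_dir)
    final = os.path.realpath(os.path.join(base, filename))
    if final == base or os.path.commonpath([base, final]) != base:
        raise ValueError(f"resolved path escapes output directory: {final!r}")
    return final


def is_safe_artifact_name(output_dir, filename):
    """True if resolve_artifact_path would accept the name, else False."""
    try:
        resolve_artifact_path(output_dir, filename)
        return True
    except ValueError:
        return False


def write_artifact(output_dir, art, content):
    """Hardened counterpart of the flagged snippet: derive the name from the
    artifact metadata, validate it, write the downloaded bytes, and return
    the path written. The fallback name is sanitized because the timestamp
    is server-provided as well."""
    filename = art.get("filename")
    if filename is None:
        ts = re.sub(r"[^A-Za-z0-9._-]", "_", str(art.get("timestamp", "unknown")))
        filename = f"artifact_{ts}"
    local_path = resolve_artifact_path(output_dir, filename)  # raises if unsafe
    os.makedirs(output_dir, exist_ok=True)
    with open(local_path, "wb") as f:
        f.write(content)
    return local_path


if __name__ == "__main__":
    import tempfile

    # Constructed sample metadata, in the shape a provider response might take.
    samples = [
        {"filename": "summary.csv", "timestamp": "20260510"},
        {"filename": "../../outside.txt", "timestamp": "20260510"},
        {"filename": "/tmp/absolute.txt", "timestamp": "20260510"},
        {"timestamp": "2026-05-10T12:00:00Z"},  # no filename: fallback name
    ]
    with tempfile.TemporaryDirectory() as out:
        for art in samples:
            try:
                print("wrote   ", write_artifact(out, art, b"constructed content"))
            except ValueError as err:
                print("rejected", err)
```

The containment check is deliberately kept even though the allowlist already excludes separators: it is cheap, and it protects the write if the allowlist is later relaxed or the output directory is pointed at a symlink.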

What this means

Files and prompts sent through this skill may be processed and temporarily stored by the configured Raccoon API endpoint.

Why it was flagged

The skill clearly discloses that selected local files are read and uploaded to the configured remote Raccoon service for analysis, with stated remote retention.

Skill content

User file → [local read] → [HTTPS upload] → remote API server → [analysis] → [result download] → local display
...
Files are kept on the remote server for only 7 days
...
Upload only when the user explicitly asks to process a specific file

Recommendation

Only use the skill for files you are allowed to upload, avoid sensitive or confidential data unless the endpoint is approved, and verify that RACCOON_API_HOST is trusted and uses HTTPS.

What this means

Anyone who obtains the token may be able to use the Raccoon API as the user, depending on the token’s scope.

Why it was flagged

The script uses a user-provided Bearer token to authenticate to the Raccoon API. This is expected for the integration, but it is account authority that should be protected.

Skill content

self.token = token or os.environ.get("RACCOON_API_TOKEN", "")
...
"Authorization": f"Bearer {self.token}"

Recommendation

Store RACCOON_API_TOKEN securely, avoid printing or pasting it into chats or logs, and rotate it if it may have been exposed.