Skill v1.0.3
ClawScan security
Raccoon Data Analysis · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 26, 2026, 1:48 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, runtime instructions, and required environment variables are consistent with its stated purpose (uploading files to a remote Raccoon API for analysis); it does upload user files to an external service, so only proceed if you trust the configured endpoint and the files contain no sensitive data.
- Guidance: This skill is internally consistent: it will read files you explicitly point it at and upload them to the configured RACCOON_API_HOST using the RACCOON_API_TOKEN. Before using it: (1) confirm you have permission to upload the files and they contain no sensitive information, (2) verify and trust the RACCOON_API_HOST endpoint (the SKILL suggests https://xiaohuanxiong.com but the host is configurable), (3) keep your token secret and rotate it if exposed, (4) run the provided scripts from the skill directory as instructed (avoid running broad filesystem searches), and (5) review scripts/main.py yourself if you want to inspect behavior — the script performs uploads, SSE streaming, and downloads but contains no opaque/obfuscated code. If any of these checks fail or you do not trust the remote service, do not use the skill.
Review Dimensions
- Purpose & Capability: ok. Name/description describe a remote-data-analysis skill. The skill requires python3 and two env vars (RACCOON_API_HOST, RACCOON_API_TOKEN), which are exactly what a remote-API client needs. Included scripts implement session creation, file upload, SSE-based chat, and artifact download — all coherent with the stated purpose.
- Instruction Scope: ok. SKILL.md explicitly restricts behavior to remote API use (forbids local data analysis) and instructs the agent to run the provided scripts; the instructions require absolute file paths for uploads and ask for explicit user consent before uploading. There is no instruction to read unrelated files, scan the filesystem, or exfiltrate unrelated secrets.
- Install Mechanism: ok. There is no install spec (instruction-only runtime) and the included Python script uses standard requests. No remote downloads or archive extraction occur during install. Risk from installation mechanisms is low.
- Credentials: ok. The skill asks only for RACCOON_API_HOST and RACCOON_API_TOKEN (primary credential). These are necessary and proportionate for authenticating to the remote API. The scripts do not request other unrelated credentials or config paths.
- Persistence & Privilege: ok. The always field is false and the skill does not request persistent system-wide privileges. It writes downloaded artifacts to ./raccoon/dataanalysis (per its purpose) and does not modify other skills or system-wide agent settings.
