Skill v1.0.1
ClawScan security
Kisa Guideline Hub Repo · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review, Mar 14, 2026, 7:40 AM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's stated purpose (collect KISA/Boho guidelines and publish to Notion) matches the included script, but there are several inconsistencies and missing declarations (Notion credentials not declared, missing dependency files, and README instructions that won't work as-is) that warrant caution before installing.
- Guidance: Key points before installing or running this skill:
  - Missing declarations: The registry metadata claims no required environment variables, but the SKILL.md and script require a Notion API key and database IDs stored in ~/.openclaw/workspace/.env. Do not run the script until you create a dedicated Notion integration with a limited-scoped API key and set the database IDs.
  - Missing files/dependencies: The script imports modules from a 'security-news-module' (modules.crawlers.kisa, boho, publisher_service, config) and the README mentions requirements.txt; those files are not included in the package manifest. Running the script as-is will likely fail unless you obtain the referenced module files. Ask the publisher for the missing modules or a complete package.
  - Network & data flow: The skill crawls external websites and downloads PDFs, then uploads them to Notion. This matches its purpose but means you are transmitting (potentially sensitive) documents to a third-party service (your Notion workspace). Only use a Notion integration you control and be mindful of privacy and file size limits.
  - Safety recommendations: (1) Inspect the missing crawler and publisher modules before running to ensure they don't perform unexpected network calls or exfiltrate data elsewhere. (2) Run initially in an isolated environment (non-privileged account, limited filesystem) and monitor network activity. (3) Use a dedicated Notion integration with the minimal required permissions and a separate Notion test database. (4) Ask the skill author to update registry metadata to declare required env vars and to include requirements.txt and the required modules so the package can be fully reviewed.
  - What would change this assessment: If the package included the referenced modules and a requirements.txt, and the registry metadata declared the Notion env vars (and those modules' behavior is consistent with the description), the evaluation would likely move to benign. Conversely, if the missing modules or remote repo contain unrelated credential-handling or hidden endpoints, the verdict could escalate to malicious.
Review Dimensions
- Purpose & Capability
  - concern: The SKILL.md and script both describe crawling KISA and Boho and publishing PDFs to Notion — this is coherent with the name/description. However, the package metadata declares no required environment variables or primary credential, while the SKILL.md and script clearly require a Notion API key and database IDs. That mismatch is an unexplained inconsistency.
- Instruction Scope
  - note: Instructions explicitly tell the agent/user to run a Python script that: loads ~/.openclaw/workspace/.env, crawls external websites (KISA, Boho), downloads PDFs to local temp directories, and uploads files to Notion. Those actions are within the stated purpose, but the script imports other modules (modules.crawlers.*, publisher_service, config) that are not included in the manifest — meaning runtime behavior depends on external code not present here.
- Install Mechanism
  - concern: There is no install spec (instruction-only), which is low-risk, but the README suggests pip install -r requirements.txt and cloning a GitHub repo; neither requirements.txt nor the referenced security-news-module files are present in the manifest. This is a practical install/runtime gap: following the provided commands will likely fail, or will pull unreviewed code from external sources if the user attempts to clone/install them.
- Credentials
  - concern: The skill needs Notion credentials (NOTION_API_KEY, SECURITY_NEWS_DATABASE_ID, optional SECURITY_GUIDE_DATABASE_ID) according to SKILL.md and code, yet the registry metadata lists no required env vars or primary credential. Requesting a Notion API key is reasonable for the purpose, but the missing declaration is a red flag: the agent or user may not be warned that secrets are required. The SKILL.md also references an unrelated GLM API key for the 'news' portion — this is optional for guidelines but is present in the docs, adding potential confusion.
- Persistence & Privilege
  - ok: The skill is not configured as always: true, does not request system-wide changes in its code, and only suggests optional cron/LaunchAgent configuration in documentation. There is no automated persistent installation performed by the skill files provided here.
