ClawHub发布助手 (ClawHub Publish Assistant)
Advisory: Audited by static analysis on May 9, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken target directory, slug, version, or changelog could publish the wrong skill or an unintended version to ClawHub.
The skill instructs the agent/user to run a publish command that can update a ClawHub-hosted skill. This is central to the skill’s purpose and is disclosed, but it is still a high-impact account action.
```bash
clawhub publish "$SKILL_DIR" \
  --slug "$SKILL_NAME" \
  --name "$DISPLAY_NAME" \
  --version "$VERSION" \
  --changelog "<更新说明>"
```

Before publishing, verify the selected skill directory, slug, display name, version, and changelog, and require explicit user confirmation for the final publish command.
Anyone or any process with access to the token or stored ClawHub config may be able to publish under the user’s ClawHub account.
The workflow uses a ClawHub authentication token even though registry metadata declares no primary credential. The token use is expected for publishing, but it gives account-level publishing authority.
```bash
clawhub login --token "<你的token>" --no-browser
```
Use a token with the minimum necessary permissions if available, avoid sharing it in chat logs or shell history, and revoke or rotate it if exposed.
If the target skill’s publish.sh contains unsafe commands, running it could execute unintended local actions.
The skill optionally suggests running a publish.sh script from the target skill directory. This is relevant to publishing, but the script contents are outside the reviewed artifacts.
If the skill directory contains `publish.sh`, it can be run directly:

```bash
cd <技能目录>
./publish.sh [版本号] [更新说明]
```
Inspect any publish.sh script before running it, especially for third-party or newly downloaded skills.
