Back to skill
Skillv1.0.5
ClawScan security
Qiaomai Skills · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 23, 2026, 2:12 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code, metadata, and SKILL.md are internally consistent with a memory/knowledge-graph/reporting toolkit and do not request unexplained credentials or perform obvious exfiltration.
- Guidance
- This skill appears coherent with its description, but before installing: (1) Review or sandbox its filesystem writes (the registry metadata declares ~/.qiaomai/ as storage); (2) Only provide optional API keys (OpenAI/Perplexity/Grok) if you trust the integration and prefer using scoped keys; (3) If you need stronger guarantees, inspect the full source for any network I/O or os.environ usage (not observed in the provided fragments) or run the skill in an isolated environment first; (4) Periodically inspect and clean ~/.qiaomai/ if you store sensitive data there.
Review Dimensions
- Purpose & Capability
- okName/description (memory, knowledge graph, report generator) align with the included Python modules (octo_memory, dynamic_kg, smart_report, case_search, smart_executor, easy_use). Optional third‑party APIs (OpenAI, Perplexity, Grok) are declared as optional in the metadata and SKILL.md, which fits an enhancement toolkit that can optionally call external services.
- Instruction Scope
- okSKILL.md describes features and optional integrations but does not instruct the agent to read unrelated system files, environment variables, or to send data to unknown endpoints. The runtime instructions stay within the stated domain (memory, KG, report generation).
- Install Mechanism
- okThere is no install specification (no arbitrary downloads or installers). The package is delivered as source files and a SKILL.md; that is proportionate for a pure-Python toolkit and reduces supply-chain risk compared with remote downloads.
- Credentials
- noteNo required environment variables are listed. clawhub.json declares three optional API keys (OPENAI_API_KEY, PERPLEXITY_API_KEY, GROK_API_KEY) marked sensitive and optional — this is proportional for optional semantic/search/code features. Ensure you only set keys you intend to use and scope them with least privilege.
- Persistence & Privilege
- noteclawhub.json sets a storage path (~/.qiaomai/), implying local persistence of data (memories/graphs). This is expected for a memory/knowledge tool but you should be aware it will likely store data on the host under that path and review or control that directory.