Skill v1.0.11

ClawScan security

Miaoda App Builder · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 20, 2026, 2:31 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, instructions, and requested credential (MIAODA_API_KEY) are consistent with a CLI client for the Miaoda platform and do not request unrelated secrets or unusual system access.
Guidance
This skill appears to be a straightforward Python CLI client for the Miaoda platform. Before installing or enabling it: (1) only provide an API key you trust — MIAODA_API_KEY grants the skill access to your Miaoda account and its resources (projects, deploys, billing); (2) be aware the tool will make network calls to api.miaoda.cn (or a base URL you provide) and requires the 'requests' Python package; (3) if you are cautious, review scripts/miaoda_api.py (included) to confirm behavior and to check for any endpoints or logging you don't want; (4) do not provide unrelated credentials — the skill does not need other tokens. If you want tighter control, create a limited-scope API key on Miaoda (if the platform supports it) rather than a full-power account key.

Review Dimensions

Purpose & Capability
ok: Name/description match the observed behavior: a Python CLI wrapper that talks to the Miaoda API to create, modify, and publish apps. Requested items (python3 and MIAODA_API_KEY) are reasonable and proportional to the stated purpose.
Instruction Scope
note: SKILL.md instructs the agent to use the included CLI (python scripts/miaoda_api.py) and to set MIAODA_API_KEY; it does not direct reading unrelated files or exfiltrating data. Minor note: the CLI also accepts/reads MIAODA_BASE_URL (or --base-url) as an override, but that env var is not listed in the skill metadata; this is an implementation detail rather than a scope creep.
Install Mechanism
ok: No install spec is provided (instruction-only with a bundled script). The script depends on the third-party 'requests' package and will exit with an error if it's missing, but it does not download or run arbitrary code from unknown URLs.
Credentials
note: Only MIAODA_API_KEY is required (declared as the primary credential), which aligns with a networked platform client. Small inconsistency: the script recognizes MIAODA_BASE_URL as an alternative env var but the skill metadata does not declare it; otherwise no unrelated secrets or excessive env variables are requested.
Persistence & Privilege
ok: The skill is not always-enabled and does not request system persistence. The CLI is described as stateless and the skill does not attempt to modify other skills or system-wide agent settings.