Skill v1.1.3

ClawScan security

腾讯云COS存储 (Tencent Cloud COS Storage) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 18, 2026, 4:29 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, install steps, and runtime instructions are consistent with a Tencent Cloud COS/CI integration and the requested credentials/configuration are proportionate to that purpose, with one metadata mismatch to review before install.
Guidance
This skill appears to do what it claims: it needs your Tencent Cloud SecretId/SecretKey (or a temporary STS token), Region, and Bucket to operate. Before installing:
1) Fix or confirm the registry metadata mismatch (the registry summary wrongly listed no required env vars).
2) Prefer STS temporary credentials or a sub-account key with a least-privilege, COS-only policy; do NOT use root account keys.
3) Review and verify the npm package source (cos-nodejs-sdk-v5) and consider running setup in an isolated environment.
4) If you persist credentials, understand that they are written to a local .env or .env.enc tied to your machine (the encryption is machine/user/project-specific), so keep backups and make sure .gitignore prevents commits.
5) If you have low trust in the skill, run the scripts manually in a disposable VM or container rather than granting an agent permission to run them automatically.

Review Dimensions

Purpose & Capability
note
The skill implements a wide range of COS and CI capabilities (upload/download, image/media/AI processing, MetaInsight, knowledge base), and its code and install step (cos-nodejs-sdk-v5) match that purpose. However, the top-level registry metadata reported 'Required env vars: none' and 'Primary credential: none', while the embedded SKILL.md metadata and scripts clearly require Tencent Cloud credentials (SecretId/SecretKey and optional Token) plus Region and Bucket. This registry metadata mismatch should be corrected before trusting automated installers.
Instruction Scope
ok
SKILL.md and the scripts only instruct operations related to COS/CI: installing the SDK, reading credentials from env/.env/.env.enc, running the node script for storage/CI actions, and optionally persisting credentials. There are no instructions to read unrelated system files or to send data to any endpoint other than Tencent's COS/CI endpoints.
Install Mechanism
ok
Install uses an npm package (cos-nodejs-sdk-v5), and setup.sh runs a local npm install, a standard, expected mechanism for a Node.js tool. No remote arbitrary archive downloads or URL shorteners are used.
Credentials
note
The skill requires cloud credentials (SecretId/SecretKey and an optional STS Token) plus Region/Bucket, which are necessary for its functionality. This is sensitive (critical) access, and the skill correctly recommends least-privilege sub-account keys and STS temporary credentials. Users should verify that they provide only minimal-scope keys. Also note that the registry summary at the top contradicts this and lists no required env vars; that inconsistency is concerning.
Persistence & Privilege
ok
The skill does not request 'always: true' and does not modify other skills or global agent settings. It optionally persists credentials to a local .env or .env.enc file within the project directory; when persisting, the code writes .env with permission 600 and marks .env.enc as encrypted. The persistence behavior is local and opt-in (--persist).