ClawHub

Site Snapshot Review

v1.0.0

Review one supported site's exported snapshot records without reopening live browser automation.

0· 15·1 current·1 all-time
byYifeng[Terry] Yu@xiaojiou176
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (review exported site snapshot records) match the instructions (load snapshot, filter to one site, report counts/highest-signal items). The actions requested are proportional to the stated purpose.
Instruction Scope
Instructions stay read-only and explicitly forbid mutation, which aligns with purpose. They are minimal and assume use of '@campus-copilot/sdk/snapshot' and an available exported snapshot but do not specify where the snapshot is supplied or error handling if the SDK is absent—this is a scope/clarity gap rather than a security mismatch.
Install Mechanism
No install spec or code files are present (instruction-only). This is low-risk; however the skill assumes an SDK module exists in the runtime environment, which should be confirmed by the integrator.
Credentials
The skill declares no environment variables, credentials, or config paths and the instructions do not request secrets. The resource access described (reading a snapshot) is proportionate.
Persistence & Privilege
always is false and no special persistence or system-wide config changes are requested. Autonomous invocation is allowed (platform default) but the skill's read-only scope limits risk.
Assessment
This skill appears coherent and read-only, but confirm two practical things before installing: (1) that the runtime where the agent will run actually provides the '@campus-copilot/sdk/snapshot' module (the SKILL.md assumes it exists), and (2) that you will supply the exported workspace snapshot (the skill doesn't describe how snapshots are passed). Also verify snapshots do not contain sensitive PII you don't want reviewed, and consider running the skill in a restricted environment until you confirm behavior.

Like a lobster shell, security has layers — review code before you run it.

campus-copilotvk97bgrqetce7hbda4wp2adzckn84jzzwlatestvk97bgrqetce7hbda4wp2adzckn84jzzwread-onlyvk97bgrqetce7hbda4wp2adzckn84jzzw

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments