Skill v1.0.0
ClawScan security
Sleep Quality Analysis Skill | 睡眠质量分析技能 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review · Apr 17, 2026, 2:13 AM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's code and instructions largely match a sleep-video-analysis capability, but several implementation choices (shared workspace config access, local persistence, and large common libraries) are disproportionate or unclear and warrant caution.
- Guidance: This skill appears to implement sleep-video analysis, but it also: (1) reads configuration from a shared workspace path (which can contain API keys/identifiers for other services), (2) persists uploaded videos and a local SQLite DB under the workspace, and (3) bundles large common libraries. Before installing, ask the publisher where the API endpoints actually point and how long uploaded videos and DB entries are retained; confirm whether shared workspace config may contain unrelated secrets; avoid providing real user open-ids or production credentials until you trust the endpoint; run the skill in an isolated/sandboxed workspace if possible; review the smyx_common config.yaml and any workspace-level config files for secrets; and consider trimming/isolating the package to only the sleep-analysis components if you need a smaller attack surface.
Review Dimensions
- Purpose & Capability
  - note: The name, SKILL.md and scripts implement sleep-stage analysis and listing of cloud reports as described. However, the package also contains a full face_analysis module and a large shared 'smyx_common' library; bundling these broader components is not strictly necessary for a single sleep-quality skill and increases the attack surface and dependency requirements.
- Instruction Scope
  - concern: SKILL.md imposes strict runtime rules (forbid reading local memory/LanceDB and require cloud-only history queries) while mandating reading configuration files from the skill/workspace (to obtain open-id). The skill also automatically saves uploaded attachments to a local attachments directory. Those instructions constrain the agent but permit reading/writing files in the workspace and saving user videos locally, which is outside the minimal scope of 'analyze one video' and has privacy implications.
- Install Mechanism
  - note: There is no install spec (lower risk), but the bundle includes a large requirements list under skills/smyx_common (many third-party packages). If someone attempts to run the scripts, they will need many dependencies; the skill will also create/modify YAML config files if not present. No external download URLs were used, which is positive.
- Credentials
  - concern: Declared requirements list no env vars, but the code reads environment variables (OPENCLAW_SENDER_OPEN_ID, OPENCLAW_WORKSPACE, FEISHU_OPEN_ID, etc.) and will look for config.yaml under a shared workspace path. Asking the agent to read workspace-level config to obtain open-id/API keys can expose credentials not strictly tied to sleep analysis. The skill also persists data under workspace/data and attachments, which may store user videos and metadata.
- Persistence & Privilege
  - concern: always:false (good), but the code includes a local DAO/SQLite layer and will create files under the workspace (data DB) and save uploaded attachments. The skill can therefore create persistent artifacts in shared workspace locations, increasing long-term data exposure risk.
