Social Media Hot Search Assistant

Pass

Audited by ClawScan on May 15, 2026.

Overview

The skill is coherent and purpose-aligned for social-media trend analysis, but it sends user query topics to an external proxy and creates a persistent local quota identity.

This skill appears safe to install for its stated purpose if you are comfortable using an external social-media analytics proxy. Before using it, understand that it auto-registers a quota identity, saves it under `~/.config/social-hotsearch/user.json`, and transmits your searched topics or keywords to the provider; avoid confidential or unreleased topics unless that is acceptable.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The assistant may use the service automatically during relevant requests, consuming the free call allowance and sending the requested search terms to the proxy.

Why it was flagged

The agent is allowed to invoke the remote social-base tool implicitly. This matches the skill's intended natural-language workflow, but calls can spend quota and transmit the user's topic or keyword without a separate per-call confirmation.

Skill content

```yaml
policy:
  allow_implicit_invocation: true
```

Recommendation

Use the skill only for queries you are comfortable sending to the provider, and ask the assistant to confirm before running multi-step or quota-heavy analyses if quota matters.

What this means

The provider can associate calls from the same machine/user profile for quota tracking, and the local user ID file can be reused by later runs of the skill.

Why it was flagged

The skill derives a hashed machine fingerprint from local username and hostname and persists a quota identity locally. This is used for the advertised free-quota registration, but it is still a stable identifier.

Skill content

```python
raw = f"{getpass.getuser()}@{socket.gethostname()}"
return hashlib.sha256(raw.encode("utf-8")).hexdigest()[:24]
...
USER_FILE = Path(... ".config" / "social-hotsearch" / "user.json")
```

Recommendation

Be aware that using the skill creates a persistent local quota identity; delete `~/.config/social-hotsearch/user.json` only if you intentionally want to reset that local identity and understand the quota impact.

What this means

Topics or brand/event keywords you ask the skill to analyze are transmitted to the external provider for processing.

Why it was flagged

The scripts send the selected tool name and full query arguments, including topics, keywords, dates, platforms, and search fields, to an external MCP/HTTPS proxy.

Skill content

```python
PROXY_BASE = os.environ.get("SOCIAL_PROXY_BASE", "https://47-103-200-210.nip.io")
...
"params": {"name": tool_name, "arguments": arguments}
```

Recommendation

Do not submit confidential, unreleased, or sensitive business topics unless you trust the proxy operator and its stated privacy practices.