Skill v1.0.1

ClawScan security

EMAR adv-plan-diagnosis · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 21, 2026, 6:17 AM
Verdict
suspicious
Confidence
high
Model
gpt-5-mini
Summary
The skill claims to run a diagnosis script against Tencent / Ocean Engine APIs, but the packaged script is syntactically broken and the skill expects API credentials (in .env) that are not declared in the metadata or SKILL.md — the pieces are inconsistent and need fixing before use.
Guidance
This skill is inconsistent and should be treated cautiously. Before installing or running it:
1) Do not supply real API keys or refresh tokens until you are comfortable; the metadata does not declare the required secrets.
2) Inspect and fix the included diagnose.py: it contains syntax/implementation errors (literal separator lines inserted into code, incorrect/missing __init__ methods, indentation problems) and will not run as shipped.
3) Ask the author to (a) declare required environment variables in metadata and SKILL.md, (b) provide a runnable, tested script or a safe install path, and (c) explain how tokens are stored/rotated.
4) If you must test, do so in a sandbox account with non-production credentials.
If the author supplies a corrected script and explicit credential requirements, re-evaluate; as-is the package is broken and misleading.

Review Dimensions

Purpose & Capability
Concern: The skill's stated purpose (diagnose ad plans on Tencent / Ocean Engine) aligns with the code that calls those platforms' APIs. However, the registry metadata declares no required environment variables while the code clearly depends on TENCENT_CLIENT_ID, TENCENT_CLIENT_SECRET, TENCENT_REFRESH_TOKEN and OCEAN_ENGINE_APP_ID, OCEAN_ENGINE_SECRET, OCEAN_ENGINE_REFRESH_TOKEN. The included .env is a template for those secrets, but the skill package/metadata does not advertise or require them; this is an incoherence that could surprise users.
Instruction Scope
Concern: SKILL.md instructs the agent to collect IDs, then run python diagnose.py and rely on its JSON output. That is consistent in intent, but the bundled diagnose.py is syntactically malformed (see details) and will not run as-is, breaking the required workflow. SKILL.md also omits explicit instructions for providing the required API credentials (it notes token expiry but does not declare environment variables), so following SKILL.md will likely produce errors rather than useful diagnostics.
Install Mechanism
Note: There is no install spec (instruction-only), which is low risk. The package includes requirements.txt listing requests and python-dotenv, which is reasonable for the task. No third-party downloads or obscure URLs are used. However, because the script is included and expected to run, the absence of an explicit install step means the environment must already have Python and those packages; SKILL.md does not specify this dependency explicitly.
Credentials
Concern: The code requires multiple sensitive environment variables (client IDs/secrets and refresh tokens for two ad platforms) but the skill metadata lists none. The presence of a .env template shows the skill expects secrets to be provided, which is appropriate for API access, but the omission from metadata and SKILL.md is misleading. Requesting both platforms' credentials may be reasonable only if the skill will access both; the agent should ask which platform is in use before the user provides credentials (SKILL.md does ask for the platform and IDs, but does not call out the env-var secrets).
Persistence & Privilege
OK: The skill does not request always:true, does not modify other skills, and does not persist credentials back into the agent config. The OceanEngine client may update self.refresh_token in memory but does not write it to disk. No elevated platform-wide privileges are requested.