Skill v0.0.2
ClawScan security
TAPD · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign, Mar 17, 2026, 1:22 PM
- Verdict: Benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's requested resources and runtime instructions are consistent with a TAPD MCP integration; it is an instruction-only wrapper that calls TAPD-related MCP APIs and does not request unrelated privileges or install software.
- Guidance: This skill appears coherent for integrating with TAPD through an existing MCP layer and does not request extra secrets or install code. Before installing: (1) confirm your platform's MCP/TAPD credentials and where they are stored (ensure least privilege for updates), (2) verify the send_qiwei_message action is allowed for this skill (it will post to enterprise WeChat), (3) test in a non-production project or sandbox to confirm behavior, and (4) prefer skills from verifiable sources or with a homepage if you need stronger assurance about provenance.
Review Dimensions
- Purpose & Capability (ok): The name/description state it integrates with TAPD via MCP to query and modify issues, tasks, iterations, etc. The SKILL.md exclusively references TAPD-related MCP API calls (get_bug, get_releated_bugs, get_iterations, get_stories_or_tasks, get_todo) and an MCP helper to send enterprise WeChat messages. There are no unrelated environment variables, binaries, or install steps requested.
- Instruction Scope (note): Instructions stay within TAPD/MCP operations (querying/updating TAPD entities and sending messages via send_qiwei_message). They are high-level (describe which API to call for each scenario) rather than prescribing exact parameter validation or authorization checks; this gives the agent operational discretion but does not by itself indicate scope creep (no references to reading local files, arbitrary env vars, or external endpoints).
- Install Mechanism (ok): No install spec and no code files — instruction-only skill. This is low-risk because nothing is written to disk or downloaded as part of the skill.
- Credentials (note): The skill declares no required environment variables or credentials. That is plausible if the platform provides TAPD/MCP credentials centrally, but if the skill expects write/update capabilities the caller's account or the MCP integration will need appropriate permissions; the absence of declared credentials means you should confirm where the TAPD auth lives and that the MCP integration has least privilege.
- Persistence & Privilege (ok): always is false and there is no install that modifies other skills or system-wide settings. disable-model-invocation is false (normal). The skill does mention sending enterprise WeChat messages via MCP — verify that sending notifications is intended and authorized in your environment.
