Skill v1.0.0
ClawScan security
龙港求职技能 (Longgang job-search skill) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review: Feb 23, 2026, 3:20 PM
- Verdict: Review
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code matches its job-scraping-and-emailing description, but it hardcodes a QQ SMTP account password, and other inconsistencies (a missing dependency, a default recipient) pose privacy/exfiltration risks and show incoherent credential handling.
- Guidance: This skill largely does what it advertises (scrapes a job site and emails results), but it contains a hardcoded QQ SMTP account and password inside crawl.js and uses a default recipient address. That means scraped results will be sent using the author's email account (and the author could see or receive those results). Before installing or running: (1) Do not run as-is if you care about privacy. Replace the hardcoded SMTP credentials with your own account, or configure the code to read the SMTP user/password and sender address from environment variables. (2) Install the missing dependency iconv-lite (npm i iconv-lite nodemailer) or fix package.json. (3) Consider using a throwaway/test environment and a throwaway SMTP account for initial testing, or block outbound SMTP if you don't want data leaving your network. (4) Review and, if appropriate, remove the default recipient, and verify the target website's scraping policies. If you are uncomfortable editing code or exposing data to the embedded account, mark this skill untrusted.
Review Dimensions
- Purpose & Capability (note): Name/description (scrape 325802 and email results) align with the included crawl.js, which fetches pages, extracts job data, writes jobs_result.txt, and sends email. Sending via SMTP is expected for the advertised '自动发邮件' (auto-send email) feature, but the implementation hardcodes a sender account and password in the script rather than asking the user to provide credentials, which is atypical and notable.
- Instruction Scope (concern): SKILL.md describes only scraping and emailing; the runtime instructions do that and nothing obviously out-of-scope. However, the code writes results to disk and transmits results over the network to the job site and to an external SMTP server. SKILL.md does not disclose that the sender SMTP account (and its password) are embedded in the code; users may not realize their scraped data will be sent via a third-party account that the author controls.
- Install Mechanism (note): This is instruction-only with bundled code (no install spec). package.json lists the nodemailer dependency and package-lock.json includes nodemailer; SKILL.md and crawl.js also mention iconv-lite, which the script requires, yet it is missing from package.json/package-lock. That mismatch will break runtime unless the user manually installs iconv-lite.
- Credentials (concern): requires.env is empty, but the code embeds sensitive SMTP credentials (user: 450733414@qq.com, pass: okjybcgpuprncbah) and a default recipient (450733414@qq.com). The skill does not request or document the use of user-owned SMTP credentials or environment variables, so credential handling is disproportionate and risky: data could be visible to the SMTP account owner, and the secret in code is a clear red flag.
- Persistence & Privilege (ok): always:false and no system-wide changes. The skill writes a local file (jobs_result.txt) and sends network requests, but it does not request elevated persistence or modify other skills or settings.
