Skill v1.2.1

ClawScan security

ClawHub Skill 发布避坑指南 (ClawHub Skill publishing pitfalls guide) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 16, 2026, 10:26 AM

Verdict: Benign
Confidence: medium
Model: gpt-5-mini

Summary: This is an instruction-only publishing guide whose content matches its stated purpose, but it contains a few minor inconsistencies and user-safety notes you should be aware of before following the commands.

Guidance: This guide appears coherent and intended to help developers publish skills. Before following its commands:
1. Verify SKILL.md contains no secrets before uploading (the curl example will post your file to https://clawhub.ai).
2. The curl example extracts a bearer token from ~/.config/clawhub/config.json; confirm you trust the destination and understand where the token comes from.
3. The guide assumes tools (clawhub CLI, curl, jq); ensure these are present and that you trust any commands you paste into a shell.
4. Consider declaring required binaries/env vars in your skill metadata as recommended so scanners don't hide your skill.
5. If you plan to automate publishing, prefer using environment variables or an approved CLI auth flow rather than cat-ing local config files, to avoid accidental credential exposure.

Review Dimensions

Purpose & Capability
note: The SKILL.md content (how to publish to ClawHub, declaring env vars in front matter, curl/CLI examples) aligns with the skill's stated purpose. Minor mismatch: the instructions assume tools (clawhub CLI, curl, jq) and access to a local ClawHub config file, but the registry metadata lists no required binaries or env vars.

Instruction Scope
note: Instructions are generally scoped to publishing tasks, but they explicitly show commands that read a local file (~/.config/clawhub/config.json) to extract a bearer token and upload SKILL.md via curl. Reading a local token and uploading files is relevant to publishing but is sensitive; the guide doesn't warn about ensuring SKILL.md contains no secrets before uploading.

Install Mechanism
ok: No install spec and no code files, the lowest-risk form. The guide only contains shell/CLI examples and does not cause files to be downloaded or installed by the platform.

Credentials
note: Registry metadata declares no required env vars, while the document teaches developers to declare required env vars in SKILL.md front matter. The curl example reads a bearer token from a local config file instead of using a declared env var; this is reasonable for publishing but is a point to verify personally.

Persistence & Privilege
ok: The always field is false, and there is no indication the skill asks for persistent or elevated privileges or modifies other skills' configuration.