Skill v1.0.3
ClawScan security
gsdata-search · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 2, 2026, 7:06 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code and instructions are consistent with its stated purpose (searching projects-databus.gsdata.cn) and do not request unrelated credentials or perform unexpected actions, but there are small operational/packaging notes and a security concern about using plain HTTP for credentials.
- Guidance: This skill appears to do what it says: it sends your provided project_id and sign to projects-databus.gsdata.cn and returns selected fields from the response. Before installing/using it: (1) review and trust the API operator because you must supply credentials; (2) be aware the code uses HTTP (not HTTPS) to send project_id/sign, which can expose secrets on the network; avoid using sensitive credentials over unencrypted networks or ask the provider for a TLS endpoint; (3) note the minor packaging inconsistency (package.json present for a Python package), which is not malicious but worth a quick sanity check; (4) if you want stronger assurance, run the included Python file locally with non-production credentials and inspect traffic (or add TLS) before giving real credentials.
Review Dimensions
- Purpose & Capability (note): The name, description, SKILL.md, and src/__init__.py all align: the module issues a POST to the stated GS Data API with the provided project_id, sign, and search parameters and returns filtered JSON results. Minor oddity: the repository includes a package.json (npm-style) even though the implementation is Python and requirements.txt is present; this is a packaging inconsistency but not a functional mismatch.
- Instruction Scope (ok): SKILL.md only instructs how to call the search function and how to provide project_id and sign. It does not ask the agent to read other files or environment variables, or to send data to endpoints outside the declared API. One operational risk: the code posts credentials over HTTP (the API URL uses http:// and port 7777), which can expose secrets in transit if the network is not trusted.
- Install Mechanism (ok): There is no install spec (instruction-only skill with included Python source). Dependencies are ordinary (requests in requirements.txt). The presence of package.json/plugin.json is redundant and slightly inconsistent for a Python skill but not an active install-time risk (no arbitrary download or extract steps).
- Credentials (ok): The skill does not request environment variables or other credentials up front; it expects project_id and sign to be provided when calling the function or CLI. This is proportionate. Note: because the API call uses plain HTTP, those provided credentials would be transmitted in cleartext over the network.
- Persistence & Privilege (ok): The always flag is false, and the skill does not request persistent system privileges or modify other skill configurations. It only performs on-demand network requests to the stated API endpoint.
