v1.0.0

Save Article Universal

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 8:07 AM.

Analysis

This skill appears to fetch a user-provided WeChat article and save it as a Markdown file, with no evidence of hidden exfiltration or destructive behavior.

GuidanceBefore installing, check that you are comfortable with the skill fetching URLs through curl and writing article content into your notes or chosen folder. Do not provide Notion credentials unless you understand and need that integration, and be aware that the included code appears not to actually implement Notion syncing despite advertising it.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Unexpected Code Execution

SeverityLowConfidenceHighStatusNote

save_article.py

result = subprocess.run(cmd, capture_output=True, text=True)

The script invokes curl as a subprocess to fetch the supplied URL. This is expected for an article-saving tool and uses an argument list rather than shell interpolation, but users should understand that running the skill performs a network fetch through a local command.

User impactRunning the skill will contact the URL you provide and save the result locally.

RecommendationUse trusted article URLs and avoid passing private internal URLs unless you intend to save their contents.

Agentic Supply Chain Vulnerabilities

SeverityInfoConfidenceHighStatusNote

save_article.py

"curl", "-s", "-L", "--max-time", "15"

The code requires the curl binary, while the registry requirements list no required binaries. This under-declaration can cause setup confusion, although it is not evidence of malicious behavior.

User impactThe skill may fail unless curl is installed, despite metadata not declaring that requirement.

RecommendationEnsure curl is installed before use, and prefer updated metadata that declares required runtime dependencies.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityLowConfidenceHighStatusNote

save_article.py

"NOTION_API_KEY": "notion_api_key", "NOTION_DATABASE_ID": "notion_database_id"

The code reads optional Notion-related environment variables even though registry metadata declares no environment variables or primary credential. The artifacts do not show these values being transmitted or used, but users should know the process can read them if set.

User impactIf you set Notion credentials in the environment or config, the script process can access them.

RecommendationOnly provide least-privilege Notion credentials if you need Notion functionality, and prefer explicit credential declarations in the skill metadata.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityLowConfidenceHighStatusNote

save_article.py

"include_full_content": True

By default the script saves the full fetched article content into Markdown files for local or note-app storage. This is purpose-aligned, but it persists untrusted web content that may later be searched, synced, or reused by other AI/note workflows.

User impactSaved articles can become long-lived notes and may later influence tools that read your notes.

RecommendationReview saved content from untrusted pages and consider saving to a separate folder or disabling full-content saving when appropriate.