Back to skill
Skillv1.0.5
ClawScan security
Volcengine CLI · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 13, 2026, 10:33 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's files, runtime instructions, and requested credentials align with a Volcengine CLI helper: it asks for the expected Volcengine keys, requires the ve binary, and its scripts call Volcengine API endpoints — nothing appears disproportionate or out of scope.
- Guidance
- This skill appears coherent: it will run 've' commands and may call Volcengine's API docs endpoints; to use it safely, only provide Volcengine credentials you trust the skill with (prefer short-lived or least-privilege keys), verify the 've' binary you install (npm package name and GitHub releases), and avoid storing long-lived root credentials in your environment. Note the SKILL.md explicitly says not to read ~/.volcengine/config.json — confirm the agent enforces that rule before granting file-read permissions. If you do not trust the skill's source or cannot limit the credentials, do not install or provide credentials.
Review Dimensions
- Purpose & Capability
- okThe skill is advertised as a Volcengine CLI helper and indeed requires the 've' binary and Volcengine AK/SK/REGION environment variables. The included scripts call api.volcengine.com to search and fetch OpenAPI docs, which is consistent with the stated goal of locating APIs and building requests.
- Instruction Scope
- noteSKILL.md keeps actions focused on running 've' commands, using --DryRun for writes, and locating API parameters via included scripts. The doc explicitly forbids reading ~/.volcengine/config.json (sensitive). One minor note: allowed-tools includes generic Read/Write, which in theory grants file access; however the instructions themselves avoid reading sensitive files. Verify that any agent implementation enforces the declared safety rules rather than ignoring them.
- Install Mechanism
- okThere is no automatic install spec (instruction-only). The SKILL.md documents installing 've' via the official npm package or GitHub releases, which are reasonable, traceable sources. The included helper scripts are simple Python clients that fetch data from Volcengine's official API endpoints — no obfuscated or remote arbitrary-code download URLs were used.
- Credentials
- okThe skill requires VOLCENGINE_ACCESS_KEY, VOLCENGINE_SECRET_KEY, and VOLCENGINE_REGION only — exactly the credentials needed to run Volcengine CLI commands. These variables are declared and the primaryEnv matches the expected primary credential. No unrelated secrets or extra cloud provider credentials are requested.
- Persistence & Privilege
- okalways:false and no install-time modifications are requested. The skill does not request permanent platform-level privileges or modify other skills. Autonomous invocation is enabled by default (normal) but not combined with other red flags.