Skill v1.0.0

ClawScan security

Express Tracker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 12, 2026, 2:08 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally coherent for generating kuaidi100 query links; it does not request credentials or perform network writes, but it contains a leftover absolute sys.path insertion and an overstated "3000+ companies" claim that reduce portability and should be fixed before wide use.
Guidance
This skill appears to do what it says: produce kuaidi100 query links and optionally open them in your browser. It does not ask for secrets or perform network writes. Two things to consider before running it: (1) Both scripts hard-code a development sys.path insertion (/Users/junjian/.openclaw/... ). This is likely a leftover dev artifact; it is not inherently malicious, but it is non-portable and could cause unexpected imports. Remove it or replace it with relative imports (e.g., point sys.path at the script's own directory, or use package-relative imports). (2) The SKILL.md claim of "3000+" couriers is overstated compared with the bundled mapping; expect support for common carriers only. Recommended actions: inspect the three Python files (they are short), run them in a sandbox or virtualenv, and if you plan to use the skill regularly, edit or remove the absolute sys.path lines to make the scripts portable. If you need complete assurance, ask the publisher for a canonical source/homepage or a corrected package with relative imports.

Review Dimensions

Purpose & Capability
note: The name/description (generate courier query links, auto-detect carrier, single/batch modes) matches the included scripts and SKILL.md. No unexpected credentials, binaries, or external installs are required. Minor mismatch: SKILL.md claims support for "3000+" couriers but the bundled express_codes.py contains a modest hard-coded mapping — the large-number claim appears overstated.
Instruction Scope
note: Runtime instructions only run the included Python scripts, which read user-supplied input files, build kuaidi100 query URLs, and optionally open the browser. The scripts do not access environment variables or other system config. A notable oddity: both scripts insert an absolute path into sys.path ('/Users/junjian/.openclaw/workspace/skills/express-tracker/scripts') before importing sibling modules — this is a development artifact that reduces portability and could cause surprising import behavior on some systems.
Install Mechanism
ok: No install spec; instruction-only plus local Python scripts. Nothing is downloaded or written to the system during installation by the skill itself.
Credentials
ok: The skill requests no environment variables, no credentials, and no config paths. This is proportionate to its purpose.
Persistence & Privilege
ok: 'always' is false, and the skill does not request persistent or elevated privileges, nor does it modify other skills or system-wide settings.