Skill v1.0.0

ClawScan security

保险产品解析 (Insurance Product Analysis) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious
Apr 10, 2026, 6:34 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code and instructions broadly match its stated purpose, but the runtime instructions reference a local CSV mapping file that is not included and the skill calls an external test API endpoint—these inconsistencies warrant caution before installing.
Guidance
Before installing:
1. Verify or provide the references/product-mapping.csv that the SKILL.md expects; without it the agent may attempt unintended file access or fail.
2. Confirm you trust the external API endpoint (https://openapi-test.hongdibaobei.com/...); it is a test domain and may not be production or trusted.
3. Review the mapping CSV contents to ensure it doesn't contain sensitive data and that the productCode/secondTypeId values are correct.
4. Run the script in a sandboxed environment first to observe network calls and outputs.
5. If you need offline operation, modify the skill to include the mapping file or a safe mapping source.
These steps will reduce the risk from the missing resource and the external network call.

Review Dimensions

Purpose & Capability
note
Name/description match the behavior: mapping a product name to productCode/secondTypeId and fetching details from an API. The included script implements the API call. However, the SKILL.md requires reading references/product-mapping.csv to obtain mappings, but that CSV is not present in the package manifest (only SKILL.md and scripts/main.py are included).
Instruction Scope
concern
SKILL.md instructs the agent to read a local file references/product-mapping.csv and then run scripts/main.py with extracted parameters. Because the CSV is missing, an agent might attempt to access the filesystem or another source for mappings. The instructions also direct runtime network requests to an external API (openapi-test.hongdibaobei.com); contacting an external endpoint is expected for this feature but should be verified.
Install Mechanism
ok
No install spec and no additional binaries; this is instruction-only plus a small script. Nothing is downloaded or written to disk by an installer.
Credentials
ok
The skill requires no environment variables, no credentials, and no config paths. The script only sends productCode and secondTypeId to an external API; there is no obvious overbroad access to secrets.
Persistence & Privilege
ok
The skill's "always" flag is false, and the skill does not request persistent or elevated privileges. It does not modify other skills or system settings.