Skill v1.0.0

ClawScan security

Metal Price · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 24, 2026, 12:05 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's stated purpose (scrape metal prices and export to Excel) matches its instructions, but hard-coded login credentials, a fixed per-user export path, and vague automation details are disproportionate and raise privacy/safety concerns.
Guidance
This skill's behavior (logging into an external site and saving files to a specific user's Desktop) is coherent with scraping metal prices, but there are red flags you should resolve before installing:

- The SKILL.md contains hard-coded login credentials. Ask the publisher why fixed credentials are embedded, and never use skills that ship with unknown account/password pairs. Prefer skills that prompt you to supply your own credentials or use stored, auditable secrets.
- The export path is hard-coded to another user's Desktop (C:\Users\wangxiang\...). Files will be written to a location that likely doesn't exist on your machine, which suggests the author tailored the skill to their own environment. Require the skill to accept a configurable path instead.
- The instructions are vague about how the agent will perform browser automation (Selenium, Puppeteer, a headless browser, or remote calls). Ask how automation is implemented, and run the skill in a restricted sandbox (isolated account, network monitoring) until you trust it.
- Confirm the legality and terms of service of scraping www.qqthj.com.

If you proceed, provide your own credentials and a safe, configurable export directory, and review network and filesystem activity during the first runs. Given these inconsistencies (embedded credentials, fixed path, and vague execution method) I rate the skill as suspicious. If the author clarifies that the credentials are placeholders, makes the output path configurable, and documents the automation tool used, the risk would be reduced.
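The credential, path and persistence checks described in this guidance (and restated under the Credentials and Persistence & Privilege dimensions below) can be run mechanically before installing. The script that follows is an added example, not ClawHub's scanner and not the skill's own code: it lints a SKILL.md for login keys assigned a literal value, absolute paths pinned to one account's profile directory, and an always: true flag, and lists the environment variables the instructions reference. Both sample documents, their account values, paths and variable names are constructed for this example.

```python
"""Lint a SKILL.md for the red flags raised above.

Added example, not ClawHub's scanner. Both sample documents below are
constructed for this example; the credential values and paths are invented.
"""
import re
from dataclasses import dataclass

# Constructed: roughly the shape of the reviewed skill (embedded login pair,
# export path under another user's profile).
BAD_SKILL_MD = """---
name: metal-price
description: Scrape metal prices from www.qqthj.com and export to Excel.
always: false
---
1. Open the login page and sign in.
   username: demo_account
   password: Passw0rd!
2. Navigate to the price table (selector: table.price-list).
3. Save the workbook to C:\\Users\\someone\\Desktop\\prices.xlsx
"""

# Constructed: the remediated form the guidance asks for (credentials and
# output directory supplied by the user through environment variables).
GOOD_SKILL_MD = """---
name: metal-price
description: Scrape metal prices from www.qqthj.com and export to Excel.
always: false
---
1. Sign in with the credentials from $QQTHJ_USERNAME and $QQTHJ_PASSWORD.
2. Navigate to the price table (selector: table.price-list).
3. Save the workbook under $EXPORT_DIR (ask the user if it is unset).
"""

# key: value or key=value lines whose key names a login secret
CRED_KEY_RE = re.compile(
    r"^\s*(?P<key>user(?:name)?|login|pass(?:word|wd)?|pwd)\s*[:=]\s*(?P<val>\S+)",
    re.IGNORECASE | re.MULTILINE,
)
# absolute paths that pin the skill to one account's profile directory
USER_PATH_RE = re.compile(
    r"(?:[a-z]:\\users\\|/home/|/users/)(?P<user>[^\\/\s]+)", re.IGNORECASE
)
# $VAR or ${VAR} references: the auditable way to pass secrets and paths
ENV_REF_RE = re.compile(r"\$\{?(?P<name>[A-Z][A-Z0-9_]*)\}?")
# frontmatter flag that loads the skill into every session
ALWAYS_RE = re.compile(r"^always:\s*(?P<val>true|false)\s*$", re.IGNORECASE | re.MULTILINE)


@dataclass
class Finding:
    kind: str
    detail: str  # never contains the secret itself, so findings are safe to log


def is_placeholder(value: str) -> bool:
    """Env references ($X, ${X}, %X%) and <template>/{template} values are not literals."""
    return value.startswith(("$", "<", "{", "%"))


def env_references(text: str) -> list[str]:
    """Sorted, de-duplicated environment variable names the instructions reference."""
    return sorted({m.group("name") for m in ENV_REF_RE.finditer(text)})


def scan_skill_md(text: str) -> list[Finding]:
    findings: list[Finding] = []
    for m in CRED_KEY_RE.finditer(text):
        if not is_placeholder(m.group("val")):
            findings.append(Finding("embedded_credential",
                                    f"'{m.group('key').lower()}' is set to a literal value"))
    for m in USER_PATH_RE.finditer(text):
        findings.append(Finding("per_user_path", f"path pinned to profile '{m.group('user')}'"))
    m = ALWAYS_RE.search(text)
    if m and m.group("val").lower() == "true":
        findings.append(Finding("always_on", "always: true loads the skill into every session"))
    return findings


def verdict(findings: list[Finding]) -> str:
    """Map findings to the triage label a reviewer would start from."""
    kinds = {f.kind for f in findings}
    if "embedded_credential" in kinds:
        return "suspicious"   # shipping an account/password pair is never justified
    if kinds & {"per_user_path", "always_on"}:
        return "review"       # fixable by the author; ask before installing
    return "ok"


if __name__ == "__main__":
    for label, doc in (("constructed bad", BAD_SKILL_MD), ("constructed good", GOOD_SKILL_MD)):
        found = scan_skill_md(doc)
        print(f"{label}: verdict={verdict(found)} env={env_references(doc)}")
        for f in found:
            print(f"  {f.kind}: {f.detail}")
```

The findings deliberately record only the key name and the profile directory, not the literal value, so the output can go into a ticket or log without copying a possibly live password. An env reference, an angle-bracket or brace template, or a %VAR% expansion is treated as a placeholder rather than a literal, which is the form the guidance asks the author to move to.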

Review Dimensions

Purpose & Capability
concern: The skill claims to scrape prices from www.qqthj.com and export to Excel, and the steps in SKILL.md align with that purpose. However, the inclusion of a hard-coded username and password and a mandatory, user-specific export path (C:\Users\wangxiang\...) is unexpected for a generic scraping/export tool and is not justified by the description.
Instruction Scope
concern: The instructions direct automated login, navigation, scraping, and writing an .xlsx to a fixed local path. They provide CSS selectors but no concrete, safe method for automation (no mention of which tool to use). This vagueness gives the agent broad discretion (e.g., executing arbitrary browser automation), and the forced write location is intrusive.
Install Mechanism
ok: Instruction-only skill with no install steps or third-party downloads; nothing is written to disk by an installer. This smaller install surface reduces risk.
Credentials
concern: No required environment variables are declared, yet plaintext login credentials are embedded in SKILL.md. Embedding an account/password pair directly in the instructions and requiring a specific user's desktop path are disproportionate and suspicious. It is unclear whether the credentials are legitimate/test or stolen.
Persistence & Privilege
ok: always is false and the skill does not request system-wide or cross-skill configuration changes. It does, however, instruct writing to a specific local path, which would require filesystem write permission when executed.