ClawHub
Back to skill
v0.2.1

Pipaclaw Skills Hub

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 8:19 AM.

Analysis

This skill hub is mostly a routing and workflow package with no install or credential requirements, but users should be deliberate about social-account work, live-link research, and optional helper/publishing scripts.

GuidanceThis looks acceptable to install as a routing/workflow skill. Before using it, remember that social-account guidance can affect your public reputation, so keep credentials private and manually approve posts or account changes. If you encounter helper scripts or publishing commands, do not run them as part of normal skill use unless you have inspected and trust them.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityLowConfidenceHighStatusNote
social-account-ops/SKILL.md
If the user sends a live platform link: - resolve short links first ... - read the homepage ... - read note body text, images, and comment signals

The skill instructs the agent to research user-provided live social links. This is expected for account diagnosis, but it is still external browsing and analysis of public account content.

User impactThe agent may visit and summarize public social-account pages or posts before asking follow-up questions.
RecommendationOnly provide links you want analyzed, and review any account diagnosis or draft content before acting on it.
Agentic Supply Chain Vulnerabilities
SeverityLowConfidenceHighStatusNote
metadata
No install spec — this is an instruction-only skill. ... Code file presence: 5 code file(s): promo-video-maker/scripts/bootstrap.sh ... promo-video-maker/scripts/hub-api.sh

The registry presents the package as instruction-only, but helper shell scripts are included in the package. No automatic execution is shown, and the static scan is clean, but helper scripts should still be treated as executable artifacts.

User impactA user or agent could run included helper scripts manually even though normal installation does not require them.
RecommendationUse the skill as documentation/routing by default; inspect any script before running it.
Unexpected Code Execution
SeverityLowConfidenceHighStatusNote
PUBLISHING.md
That script handles: - proxy validation - local ClawHub CLI patch verification - Bun-based execution - auth check

The maintainer publishing guide describes a local helper that performs checks and patch verification. This is not part of normal user-facing skill behavior, but it is executable operational guidance included in the package.

User impactFollowing maintainer publishing instructions could run local tooling and interact with ClawHub authentication or publishing flows.
RecommendationDo not run publishing commands or local patch helpers unless you are intentionally maintaining this package and trust the repository context.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityLowConfidenceMediumStatusNote
social-account-ops/SKILL.md
Use when a user wants help diagnosing, planning, writing, iterating, handling platform risk, or taking over a Xiaohongshu, X, or Douyin account

The workflow covers managed social-account operations, which can affect a user's public identity or account reputation. The artifacts do not request credentials or instruct automatic publishing.

User impactAdvice or drafts from the skill could influence public posts, account positioning, or platform-risk decisions.
RecommendationDo not share platform passwords, cookies, or recovery codes; keep publishing and account changes under your direct control.