Skill v1.0.0
ClawScan security
Mx Data · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 14, 2026, 4:56 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's runtime instructions require an API key and make network calls to a specific domain, but the registry metadata does not declare the required credential or provenance—this mismatch and the unknown source warrant caution.
- Guidance
- Before installing or enabling this skill: (1) Confirm the provider and trustworthiness of the Meixiang API and the domain mkapi2.dfcfs.com — no homepage or source is provided. (2) Expect to provide an API key (MX_APIKEY) and treat it as a secret; verify why the registry metadata omitted that requirement and ask the publisher to update metadata to declare MX_APIKEY as required. (3) Consider network and data-leak risks: the skill will send your API key and queries to the listed endpoint and may save full JSON responses to the agent's working directory (mx_data_result.json); avoid sending personally sensitive data. (4) If you need stronger assurance, request the publisher's documentation or homepage, or ask for a signed package/source so you can audit provenance. (5) Because of the metadata mismatch and unknown origin, prefer to only enable this skill for limited, well-scoped use and monitor API key usage or rotate the key if you test it.
Review Dimensions
- Purpose & Capability
- note: The SKILL.md describes a financial-data lookup skill using a Meixiang API and the described API endpoint (mkapi2.dfcfs.com) and payloads match the stated purpose. However, the registry metadata lists no required environment variables or primary credential while the instructions clearly require MX_APIKEY—this metadata omission is inconsistent.
- Instruction Scope
- ok: Runtime instructions are narrowly scoped to constructing a JSON payload, calling the documented POST endpoint with curl, parsing returned JSON fields, and optionally saving the full JSON to mx_data_result.json. The instructions do not ask the agent to read unrelated files or extra environment variables, but they do instruct optionally persisting API results to the local working directory (which may store sensitive data).
- Install Mechanism
- ok: This is an instruction-only skill with no install spec or code files, so nothing is written to disk by an installer. It relies on curl being available (not unusual) and performs network requests at runtime.
- Credentials
- concern: The SKILL.md requires an API key via environment variable MX_APIKEY, but the skill's registry metadata declares no required env vars or primary credential. That mismatch is a red flag: the skill will ask users to provide a secret that the registry does not advertise. Additionally, the API key will be sent as an HTTP header to mkapi2.dfcfs.com, so users should treat it as sensitive.
- Persistence & Privilege
- ok: The skill is not always-enabled, and it does not request system-wide configuration or modify other skills. It only suggests optionally saving query results to a local JSON file under the working directory.
