Skill v1.0.0
ClawScan security
🇮🇳 India Market Policy Query Skill (印度市场政策查询Skill) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 29, 2026, 10:58 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's declared purpose, required resources, and runtime instructions are internally consistent (instruction-only, no credentials or installs), but a vague 'automatic calibration' step and unknown source reduce confidence.
- Guidance: This skill appears coherent: it's instruction-only, needs no keys, and its behavior matches the description. Before installing, note two practical points: (1) the 'automatic calibration' step is underspecified — ask the author or test in a sandbox to confirm it does not fetch or exfiltrate data or modify agent state; (2) the package source and homepage are unknown — prefer skills with a verifiable origin. If you proceed, run initial queries in a restricted environment, avoid providing any unrelated secrets, and monitor network activity on first use. If you need higher assurance, request details about what the calibration step does and any endpoints it contacts.
Review Dimensions
- Purpose & Capability: ok. Name and description match the provided instructions: a query/analysis assistant for Indian market policy. The skill declares no binaries, no env vars, and needs no credentials — which is proportionate for a read-only, instruction-only policy helper.
- Instruction Scope: note. SKILL.md stays within scope (examples show querying tariffs/HS codes, disclaimers). However it says '首次加载自动执行快速校准' (first load runs an automatic quick calibration) and references a '惠迈校准框架v1.0' without detailing what calibration does or whether it fetches external data or stores state. That vagueness grants some operational discretion and should be clarified.
- Install Mechanism: ok. No install spec and no code files (instruction-only). This is lowest-risk from an installation/execution standpoint — nothing is written to disk by the package itself.
- Credentials: ok. The skill requires no environment variables, no credentials, and no config paths. This is proportionate to the stated purpose. No unrelated secrets are requested.
- Persistence & Privilege: ok. Flags are default (always:false). The skill does not request permanent presence or system-wide config changes. Autonomous invocation by the agent is allowed by default but is not excessive here.
