Skill v0.1.1

ClawScan security

前程似锦-高考升学规划Pro · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 29, 2026, 5:54 AM
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary: The skill's code and instructions are internally consistent with a Gaokao advising/pricing/calibration tool and rely on platform-provided gateway/auth; a few minor mismatches and implementation quirks deserve attention but do not indicate malicious intent.
Guidance: This skill appears to do what it claims: calibration utilities and a pricing engine for Gaokao advising that rely on OpenClaw Gateway and a DeepSeek API profile. Before installing:
1) Ensure your OpenClaw environment provides the gateway methods the skill expects (checkApi, testModelResponse, getInstalledSkills, etc.) and that you have configured the DeepSeek API key via OpenClaw auth (the skill expects platform-managed auth rather than raw env vars).
2) Confirm you are comfortable with the skill reading the list of installed skills for compatibility checks (it declares this behavior).
3) Avoid running the packaged "calibrate" npm script without reviewing/adjusting it — it incorrectly passes process.env to runCalibration and may error; prefer invoking calibration via the platform runtime that supplies the env object.
4) Verify payment/settlement/WeChat integration and any data-handling policies with the vendor before using in production.
If you want higher confidence, ask the author to: (a) add explicit metadata declaring the required credential (DeepSeek) and how it is provided, and (b) fix the calibrate script to accept a proper gateway env object or document the exact runtime invocation.

Review Dimensions

Purpose & Capability
Severity: note. The name/description match the included code (calibration and pricing). The SKILL.md requires a DeepSeek API Key, but the registry metadata shows no required env vars or primary credential — this is explainable because the skill expects credentials to be supplied via the OpenClaw auth/profiles mechanism rather than as raw environment variables. Overall capabilities align with the stated purpose, though the omission of an explicit primary credential in metadata is a documentation gap the user should be aware of.
Instruction Scope
Severity: note. Instructions and included JS only call platform-provided env.* methods (checkApi, checkDataSources, getInstalledSkills, testModelResponse, verifyPricing, etc.). Those calls are coherent with calibration and compatibility checks. The skill declares it will read the installed skill list (compatibility checks) — this is within scope but is a privacy-relevant action and is explicitly documented. One implementation oddity: package.json's "calibrate" script invokes runCalibration(process.env), which would pass a plain env object (strings) into functions expecting methods; this is likely a developer mistake rather than malicious behavior, but it could cause runtime errors if executed as-is.
Install Mechanism
Severity: ok. No install spec or external downloads; the skill is instruction-first with included JS files. No third-party packages are fetched at install time and no archives are extracted. This is low-risk from an install mechanism perspective.
Credentials
Severity: note. The skill requires platform-managed credentials (DeepSeek API Key via OpenClaw auth) and access to OpenClaw Gateway runtime methods, but the registry metadata does not declare a primary credential or env vars. The requested access (model API, historical data provided by platform, installed-skill list) is proportional to the functionality. Users should confirm OpenClaw auth is used (not raw environment variables) and be comfortable with the skill reading the installed-skill list for compatibility checks.
Persistence & Privilege
Severity: ok. The "always" setting is false, and the skill does not request elevated or persistent platform-wide privileges. The calibration code reads installed skill lists for compatibility checking but does not modify other skills or system config in the provided code.