Skill v2.3.7
ClawScan security
Legado Book Source Developer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 6, 2026, 8:25 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files, tools, and runtime instructions are consistent with its stated purpose (building and debugging Legado book sources), but review the included uploader and any network/file actions before use.
- Guidance: This package is coherent for Legado book-source development, but take these precautions before installing or running it:
  - Inspect tools/upload_book_source.py and confirm the upload target (default: tu.406np.xyz) is acceptable; change or remove it if you don't want extracted data posted to a public host.
  - Review any scripts you plan to run (tools/*.py, analyze_url.sh). They perform HTTP fetches and may read/write local files; run them in a sandbox if possible.
  - The bundle expects runtime dependencies (Python, requests, bs4, curl) that are not declared — ensure you run them in a controlled environment with only the needed packages.
  - Only analyze websites you own or are authorized to access (the skill itself repeats this). Many example book-source JSONs reference third-party sites and copyrighted material; make sure your use complies with law and site terms.
  - If you want tighter safety, search the included files for any unexpected network endpoints or obfuscated upload logic before granting network access.
Review Dimensions
- Purpose & Capability (ok): Name/description (Legado book source development) match the provided assets: documentation, example book-source JSON, analyzers, validators and helper scripts. No unrelated credentials or surprising binaries are requested.
- Instruction Scope (note): SKILL.md stays on-topic (detect encoding, fetch HTML, analyze structure, build/validate sources). It also exposes utilities to read local files (read_file_paginated) and an upload helper to push book-source artifacts to a public host; these are reasonable for a development tool but require caution because they enable file reads and network uploads beyond simple analysis.
- Install Mechanism (ok): No install spec (instruction-only) so nothing is forced onto disk by an installer. However the bundle contains runnable scripts (Python, shell) that expect Python packages (requests, bs4) and curl; the skill does not declare these runtime dependencies explicitly.
- Credentials (note): The skill requests no environment variables or credentials, which is proportionate. It does include an upload script that posts to a default public host (tu.406np.xyz) — this is part of sharing functionality but could leak scraped content if used without review.
- Persistence & Privilege (ok): Skill does not request permanent presence (always:false) and does not declare modification of other skills or system-wide config. Default autonomous invocation is allowed (platform default) and appropriate for this kind of tooling.
