Skill v1.0.0

ClawScan security

AI护肤好伙伴-skin care · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 25, 2026, 4:20 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is an instruction-only skincare advisor whose declared behavior, required resources, and files align with its purpose; no unexpected credentials, installs, or network endpoints are requested, but it contains local-path references and a memory file with personal/project metadata you may want to review.
Guidance
This skill appears coherent and does not request secrets or perform installs, but review the included files before installing: .workbuddy/memory/MEMORY.md contains a personal name and employer and some project notes, and references mention a local Windows path (C:\Users\19699\Desktop\论文依据\...) that may be legacy metadata from the skill author. If you care about privacy, remove or sanitize the MEMORY.md and any local-path references. Also confirm where the agent will run — if the agent runtime has access to your local filesystem, ensure you trust the environment (the skill itself doesn't instruct file reads, but it contains filenames that could be misinterpreted). If you want to limit autonomous use, disable model invocation or require explicit user invocation when installing.

Review Dimensions

Purpose & Capability
ok: Name/description (skincare advice, product recommendations, ingredient citations) match the included SKILL.md and reference files. There are no required binaries, env vars, or installs that are unrelated to the stated purpose.
Instruction Scope
note: Runtime instructions ask the agent to collect a basic user profile (region, age group, concerns, lifestyle, budget) which is reasonable for personalized recommendations. The skill enforces citation rules and includes extracted research text for citation. It does not instruct the agent to access network endpoints or to exfiltrate data. However, several reference files embed local file paths (e.g., C:\Users\19699\Desktop\论文依据\...) and the memory file contains named project/author metadata; these are content/privacy details to review but do not indicate malicious behavior.
Install Mechanism
ok: No install spec and no code files — instruction-only — so nothing is downloaded or written to disk as part of installation by default.
Credentials
ok: The skill requests no environment variables, credentials, or config paths. The data it asks from users (skin profile, budget) is proportionate for its purpose.
Persistence & Privilege
note: always:false and user-invocable:true (normal). The skill includes a .workbuddy/memory/MEMORY.md file with developer/project notes and identifiable strings (person name and employer), which is a privacy artifact rather than a privilege escalation. Autonomous invocation is allowed by platform default; there are no additional privileges requested.