Skill v0.1.0

ClawScan security

Miantiao Career Advisor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 17, 2026, 5:33 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's behaviour and requirements are largely coherent for a career-advice persona, but the runtime instructions reference a local knowledge file that isn't included and there are a few provenance/consent gaps you should verify before installing.
Guidance
This skill is mostly coherent: it is an instruction-only, persona-driven career adviser and asks for nothing sensitive. Before installing, check these things:
1) The SKILL.md expects a 'references/knowledge.md' file but it wasn't included — ask the publisher where that file comes from and review its contents for any sensitive data or surprising instructions.
2) The skill claims to be an "AI clone" of a named influencer — verify you have permission to impersonate or brand content under that person's name (legal/IP risk).
3) Because the skill runs autonomously by default, test its outputs in a safe environment to ensure it adheres to the promised non-judgmental, non-prescriptive tone and doesn't ask users for private credentials or personal data.
If the missing knowledge file is supplied and reviewed and you confirm provenance/consent for the persona, this skill appears reasonable to use.

Review Dimensions

Purpose & Capability
ok: Name, description, and SKILL.md all consistently describe a short-form, persona-driven career-advice assistant. There are no unexpected binaries, env vars, or installs requested that are unrelated to the stated purpose.
Instruction Scope
note: The SKILL.md defines detailed stylistic and conversational rules (concise, non-judgmental, guiding questions) which are appropriate for the stated purpose. However, the instructions say to '加载 references/knowledge.md' ("load references/knowledge.md") as a reference knowledge base file, and that file is not present in the provided manifest. This is an inconsistency: the runtime instructions expect to read a local resource that wasn't supplied or declared (and the skill did not declare any required config paths).
Install Mechanism
ok: No install spec and no code files — the skill is instruction-only. That is low risk because it won't drop binaries or run installers on the host.
Credentials
ok: The skill requests no environment variables, credentials, or config paths. Its declared resource requirements are minimal and proportional to a persona-only skill.
Persistence & Privilege
ok: Flags show default behavior (always: false, user-invocable: true, model invocation allowed). Nothing requests permanent or elevated presence or modification of other skills or system-wide settings.