Skill v1.0.8
ClawScan security
Professional multi-turn medical consultation for pets (cats, dogs, and exotic pets) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 12, 2026, 3:41 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill mostly matches a VetMew API client for multi-turn pet consultations, but there are small mismatches between the SKILL.md instructions and the actual code (credential retrieval steps and an unimplemented interactive onboarding call), and the runtime instructions ask the agent to read a platform config path. These inconsistencies warrant caution before installing.
- Guidance: This skill appears to be a legitimate VetMew API client, but before installing you should: 1) Only provide the VETMEW_AUTH_TOKEN (API_KEY:API_SECRET) if you trust the vetmew domains (platformx.vetmew.com and oss-vetmew.vetmew.com). 2) Note SKILL.md instructs reading ~/.openclaw/openclaw.json for a stored key, but the shipped code does not implement that; avoid giving the agent blanket read access to your home config unless necessary. 3) The code references client.onboard_credentials(), but no such method exists in client.py; expect the interactive onboarding flow to be non-functional. 4) Review and confirm the network endpoints are the official VetMew endpoints and that storing conversation IDs in your agent/platform variables meets your privacy policy. If any of these points are unclear, request the skill author to (a) remove or clarify the openclaw.json retrieval step, (b) either implement or remove the onboarding call, and (c) document exactly what is persisted and where.
Review Dimensions
- Purpose & Capability (note): Name/description, required binary (python3), required env var (VETMEW_AUTH_TOKEN), included scripts, and network endpoints all align with a VetMew consultation client. The dependencies (requests, python-dotenv) are proportionate to the task.
- Instruction Scope (concern): SKILL.md instructs the agent to retrieve credentials by reading ~/.openclaw/openclaw.json (specific field) and to persist session IDs into platform variables. The code, however, only reads VETMEW_AUTH_TOKEN (and .env via python-dotenv) and does not implement reading openclaw.json or separate VETMEW_API_KEY/VETMEW_API_SECRET. Directing an agent to read home-directory platform config is sensitive and should be justified; the mismatch between instructions and implementation is concerning.
- Install Mechanism (ok): No remote downloads; metadata and SKILL.md indicate pip install -r requirements.txt (requests, python-dotenv). This is a standard, traceable install path and matches the code usage.
- Credentials (note): Only a single primary credential (VETMEW_AUTH_TOKEN) is required, which is appropriate for an API client. SKILL.md mentions alternative retrieval methods (openclaw.json and concatenating separate env vars) that are not implemented in the client; this discrepancy should be clarified. The code does not request unrelated credentials.
- Persistence & Privilege (note): The skill asks the agent/platform to persist conversation IDs into platform session slots (VETMEW_MEDICAL_SESSION, VETMEW_EXOTIC_SESSION, VETMEW_CHAT_SESSION). always is false and the skill does not attempt to modify other skills or system-wide settings. Persisting per-skill session IDs is reasonable, but you should confirm the platform storage APIs used will not expose other secrets.
