Skill v1.0.1
ClawScan security
Didichuxing · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 16, 2026, 9:24 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This is an instruction-only Didi (滴滴出行) assistant whose description, instructions, and code samples align with its stated purpose and request no unexpected credentials or installs.
- Guidance: This skill is instruction-only and appears coherent with its stated purpose. It provides code samples that, if you run them, will call Didi enterprise APIs and require client_id/client_secret values — the skill itself does not ask for or store credentials. Before using: (1) do not paste production client_id/client_secret or other secrets into the chat; use test or least-privilege credentials when experimenting; (2) verify the API endpoints and company policy if integrating enterprise accounts; (3) if you plan to run the sample code, run it in a controlled/dev environment and inspect requests/responses; (4) prefer creating scoped/test API keys and rotate them after use. If you want, I can scan the rest of the truncated SKILL.md (or search for any hidden instructions) to raise confidence further.
Review Dimensions
- Purpose & Capability (ok): The name/description promise ride-planning, cost estimates, enterprise car management, and Open Platform API guidance; the SKILL.md contains product comparisons, cost-estimation code, high-level strategies, and example enterprise-API client code — all consistent with that purpose.
- Instruction Scope (ok): Runtime instructions are prose and example code for cost estimates and API usage. They reference the Didi enterprise API endpoint (api.es.xiaojukeji.com) which is appropriate for an API-integration guide. The instructions do not direct the agent to read unrelated system files, environment variables, or exfiltrate data.
- Install Mechanism (ok): No install spec and no code files — this is instruction-only, so nothing will be written to disk or downloaded by the skill itself.
- Credentials (note): The skill declares no required env vars or credentials. Example code shows use of client_id/client_secret and access tokens (expected for API integration). Because the skill doesn't request secrets automatically, there is no disproportionate credential access, but users should avoid pasting production credentials into chat.
- Persistence & Privilege (ok): always is false and the skill does not request persistent agent-level privileges or change other skills' configs. disable-model-invocation is default false (normal) and acceptable given no other red flags.
