Skill v1.0.0
ClawScan security
Qq · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 16, 2026, 9:18 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This is an instruction-only QQ developer assistant whose requested resources and instructions match its stated purpose and do not ask for unrelated credentials or installs.
- Guidance: This is a documentation-style QQ development assistant and appears coherent. Before using code examples: provide your AppID/AppSecret and bot tokens only in trusted environments; verify API endpoints are official (the examples reference bots.qq.com and api.sgroup.qq.com); never paste secrets into unknown web UIs; if you plan to run or deploy code derived from these examples, review and test it in a sandbox and follow secure secret-handling practices (use environment variables or a secrets manager, restrict token scopes).
Review Dimensions
- Purpose & Capability (ok): Name/description (QQ 开发助手) align with the SKILL.md content: guidance and code examples for QQ bots, channels, mini-programs, OAuth, and WebSocket event handling. Nothing requested (no env vars, no binaries) is unrelated to developer tasks.
- Instruction Scope (ok): Runtime instructions are code examples and API call patterns focused on QQ platform endpoints. They require typical developer secrets (AppID/AppSecret, bot tokens) in examples but do not instruct reading unrelated local files, system credentials, or exfiltrating data to unexpected endpoints.
- Install Mechanism (ok): No install spec and no code files — instruction-only content. This is the lowest-risk install model and consistent with a documentation/helper skill.
- Credentials (ok): The SKILL.md shows use of tokens/AppID/AppSecret in examples but the skill declares no required environment variables or credentials. That is reasonable for a docs-style helper; it does not demand unrelated secrets or platform credentials.
- Persistence & Privilege (ok): always is false and default autonomy is allowed (normal). The skill does not request persistent system presence, nor does it attempt to modify other skills or system config.
