Skill v1.6.0

ClawScan security

Dtc Report · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 13, 2026, 9:09 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code and instructions match its reporting purpose, but it includes hardcoded local paths and broad local file access with undeclared dependencies — this is coherent for a report generator but raises data-access and operational concerns.
Guidance
This skill appears to implement the described DTC report generator, but review the following before installing/running:
1) The Python scripts use hardcoded absolute Windows paths (C:\Users\wwl\...) to locate business data; if those paths exist on your machine the scripts will read all matching Excel files. Ensure you understand which local files will be accessed, or modify the scripts to point to a safe, intended data directory.
2) The repository uses openpyxl and other Python libraries that are not declared; run in a controlled environment (virtualenv/container) and inspect/lock dependencies before executing.
3) Test the skill on a copy of non-sensitive sample data first to validate behavior.
4) There are no network exfiltration calls visible in the provided files, but future/planned LLM integration is referenced in docs (not implemented); if networked model calls are later added, re-evaluate data sharing risks.
5) If you cannot audit the code yourself, run it only in an isolated sandbox and confirm outputs and file accesses (e.g., with file-system monitoring) before granting access to production data.

Review Dimensions

Purpose & Capability
ok · Name/description ↔ code: the Python scripts implement the DTC report generation and AI analysis described in SKILL.md (reading budget, revenue, volume, warehouse and customer Excel files). The files included (generate_report.py, ai_analysis.py, read_* modules) are expected for this purpose.
Instruction Scope
concern · SKILL.md instructs running local Python scripts that will scan and parse many Excel files. The runtime instructions and scripts access local data directories and enumerate patterns like '*所有业务收入明细*.xlsx' and '*客户仓库*.xlsx'. This will read whatever matching files exist on disk (including potentially sensitive business data). The SKILL.md does not require or show a configurable data path, while the code uses absolute user-specific paths (see next).
Install Mechanism
ok · No install spec is provided (instruction-only). That minimizes remote-code install risk. However, the code depends on Python and third-party libraries (openpyxl) that are not declared in the skill metadata; the agent or user must ensure these are present.
Credentials
concern · The skill requests no environment variables or external credentials, which is appropriate. But multiple scripts contain hardcoded absolute paths to a Windows user workspace (e.g., C:\Users\wwl\.openclaw\workspace-跨境电商\data...), causing the skill to directly access the installer's filesystem without a clear configuration step. Missing declared dependencies (openpyxl) and lack of a configurable data directory in SKILL.md reduce transparency.
Persistence & Privilege
ok · Flags show always:false and user-invocable:true. The skill does not request permanent platform presence or system-wide configuration changes. It writes reports to an output directory per the CLI args (normal for this kind of tool).