Skill v1.0.1

ClawScan security

Huo15 Openclaw Brand Protocol · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign (scanned Apr 24, 2026, 4:16 AM)

Verdict: benign
Confidence: high
Model: gpt-5-mini

Summary
The skill's requested actions and outputs align with its stated purpose (fetching and codifying brand visual specs); it is instruction-only, asks for no credentials, and returns CLI steps for the user to run rather than executing anything itself.

Guidance
This skill is instruction-only and internally coherent, but before using it: (1) verify you trust the skill source and the target URLs you provide; the skill will prompt you to run curl/npx/ImageMagick/grep commands, so inspect those commands before running them and run them in a safe account or sandbox if unsure; (2) downloaded assets may be copyrighted or require permission, so ensure you have the right to download and use them; (3) the agent will not execute commands itself or ask for credentials, so any network requests or file writes only happen if you run the suggested commands; (4) expect brittle heuristics (SVG fills, CSS grep) and manually review results; the skill provides a verification step and confidence rating for this reason.

Review Dimensions

Purpose & Capability: ok
Name and description (fetch brand visual guidelines and produce brand-spec.md) match the SKILL.md instructions. The skill does not request unrelated binaries, credentials, or config paths and only prescribes how to find, download, verify, and codify brand assets, which is proportionate to its purpose.

Instruction Scope: note
The SKILL.md gives a tight 5-step workflow and explicitly avoids running child processes itself, instead returning CLI commands (curl, npx playwright-core, ImageMagick examples, grep) for the user to run. This is coherent with the stated constraint but means the user (not the agent) will perform network downloads and local file inspection; the document references only user-supplied URLs and local ~/brand-kits paths, not other system secrets. Users should be cautious about running curl/npx commands against untrusted URLs.

Install Mechanism: ok
No install spec and no code files; the skill is instruction-only. Nothing is downloaded or written by the skill itself, reducing installation risk.

Credentials: ok
The skill declares no required environment variables, credentials, or special config paths. The SKILL.md does not instruct reading credentials or unrelated system files.

Persistence & Privilege: ok
The always flag is false and the skill is user-invocable; it does not request persistent presence or modification of other skills or system-wide settings. It suggests storing downloaded assets under the user's ~/brand-kits directory if the user runs the provided commands.