Skill v1.0.0
ClawScan security
Private Domain Operator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 12, 2026, 8:53 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This is an instruction-only assistant for WeCom (WeChat Work) private-domain / SCRM operations; the files and runtime instructions match the stated purpose and request no credentials or installs.
- Guidance: This skill is a documentation-style/systems-advice assistant for WeCom private-domain operations and appears internally consistent and low-risk as distributed (instruction-only, no installs, no credentials requested). Before using it in a production agent: (1) do not provide any WeCom/SCRM API keys or service tokens to the agent unless you trust and have audited the integration code that will use them; (2) ensure any automation that sends messages complies with WeCom rules and local privacy laws (PIPL); (3) if a future version adds an install step or required env vars, inspect the install source and the exact variables requested before granting them; and (4) limit autonomous/outbound actions (message sending, friend-adding) via platform policy controls or human approval to avoid accidental mass messaging or policy violations.
Review Dimensions
- Purpose & Capability (ok): The name/description (Private Domain Operator) matches the content: operational guidance, SOPs, YAML/SQL/Python examples and strategy for WeCom private-domain operations. There are no unrelated requirements (no binaries, env vars, or installs) that are disproportionate to the stated purpose.
- Instruction Scope (ok): SKILL.md and associated docs are role/style/memory guidance and example configurations/SOPs. They do not instruct the agent to read local files, exfiltrate data, call external endpoints, or access credentials. The instructions are narrowly scoped to advisory and configuration examples.
- Install Mechanism (ok): No install spec and no code files—this is instruction-only. That is the lowest-risk install model and consistent with a documentation/assistant skill.
- Credentials (ok): The skill declares no required environment variables, no primary credential, and no config paths. This is proportional for a consultant/guide. Note: real integrations described in the docs (WeCom, SCRM, Mini Program) would require credentials if you later connect the agent to live systems, but the skill itself does not request them.
- Persistence & Privilege (ok): always is false and model invocation is allowed (the platform default). The skill does not request persistent system-level presence or attempt to modify other skills or system configs.
