Skill v1.0.0

ClawScan security

address-extractor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 11, 2026, 9:34 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and instructions are coherent with an address-extraction + AMap-geocoding purpose; there are minor implementation/packaging issues and privacy considerations but no signs of intentional misdirection or hidden exfiltration.
Guidance
This skill appears to do what it advertises, but check these points before installing or using it with real user data:
- Privacy: When geocoding, the code sends address strings to AMap (restapi.amap.com). If your inputs contain personal data (names, phone numbers, other PII), those strings are transmitted to the external service. Ensure you have consent and that this meets your privacy/regulatory requirements.
- API key: Provide your own AMap API key to enable coordinate lookups. Without it the skill still extracts address components but won't return coordinates.
- Dependency and runtime: The script uses the 'requests' library, but the skill metadata has no install step. Make sure 'requests' is available in your agent runtime (pip install requests) before relying on the skill.
- Accuracy vs. claims: The SKILL.md states that it 'filters personal sensitive information' broadly, but the implementation only removes certain labeled notes (e.g., patterns like '姓名:' (name) or '电话:' (phone)); it does not robustly anonymize free-form names or phone numbers. If you need to avoid sending PII to external services, sanitize inputs yourself or modify the script to remove or obfuscate sensitive fields.
- Code quality: There are minor implementation issues (regex patterns and handling) that could affect extraction robustness. Review and test with representative samples before production use.
If you need higher assurance about data handling, consider running the parser without geocoding (no API key) or using an internal/offline geocoder to avoid transmitting addresses to third parties.

Review Dimensions

Purpose & Capability
ok: Name and description match the included code: the Python AddressExtractor extracts address components, standardizes them and (optionally) calls AMap geocoding. Requests to the AMap REST API are expected for the stated purpose.
Instruction Scope
note: SKILL.md claims automatic filtering of 'personal sensitive information' (name, age, gender, etc.). The implementation removes explicit 'invalid note' patterns (e.g., strings that begin with '备注:' (note), '电话:' (phone), '姓名:' (name), etc.) but does not comprehensively scrub free-form names or phone numbers that are not formatted as those labeled notes. The SKILL.md also instructs callers to pass an AMap API key and to call methods in the provided script; those instructions align with the code.
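The gap described under Guidance ("Accuracy vs. claims") and in this Instruction Scope note is the difference between stripping labeled fields and actually keeping PII out of an outbound geocoding request. The following is an added example written for this review, not the skill's own AddressExtractor code: it strips labeled notes the way the scanner describes, additionally removes free-form mainland-China phone numbers, refuses to geocode when PII-like digit runs remain, and sends nothing at all when no API key is given. The label list, the phone-number regexes, the 7-digit residual check and the shape of the AMap v3 geocode response (status, geocodes[0].location as "lng,lat") are assumptions of this example; the transport is injectable so the logic can be exercised offline.

```python
import re
from dataclasses import dataclass, field
from typing import Callable, List, Optional, Tuple

AMAP_GEOCODE_URL = "https://restapi.amap.com/v3/geocode/geo"

# Labeled notes of the kind the scanner says the skill strips, e.g. '姓名:' (name),
# '电话:' (phone), '备注:' (note). The label list itself is an assumption here.
LABELED_NOTE_RE = re.compile(
    r"(?:备注|姓名|电话|手机|联系人|年龄|性别)\s*[:：]\s*[^\s,，;；]+"
)
# Free-form numbers that a labeled-note filter misses (assumed formats).
CN_MOBILE_RE = re.compile(r"(?<!\d)1[3-9]\d{9}(?!\d)")          # 13812345678
CN_LANDLINE_RE = re.compile(r"(?<!\d)0\d{2,3}-?\d{7,8}(?!\d)")  # 0571-12345678
# Anything still looking like a phone or ID number after scrubbing.
RESIDUAL_DIGITS_RE = re.compile(r"\d{7,}")


@dataclass
class Sanitized:
    clean: str
    removed: List[str] = field(default_factory=list)


def sanitize_address(text: str) -> Sanitized:
    """Strip labeled notes, then free-form phone numbers; report what was removed."""
    removed: List[str] = []

    def grab(m: "re.Match") -> str:
        removed.append(m.group(0))
        return " "

    out = LABELED_NOTE_RE.sub(grab, text)
    out = CN_MOBILE_RE.sub(grab, out)
    out = CN_LANDLINE_RE.sub(grab, out)
    out = re.sub(r"\s+", " ", out).strip()
    return Sanitized(clean=out, removed=removed)


def residual_pii(text: str) -> List[str]:
    """Digit runs of 7+ characters that survived sanitization (e.g. ID numbers)."""
    return RESIDUAL_DIGITS_RE.findall(text)


def amap_transport(params: dict) -> dict:
    """Real transport: GET the AMap geocode endpoint. Requires 'requests',
    which the skill uses but does not declare as a dependency."""
    import requests  # pip install requests
    resp = requests.get(AMAP_GEOCODE_URL, params=params, timeout=10)
    resp.raise_for_status()
    return resp.json()


def geocode(
    address: str,
    api_key: Optional[str],
    transport: Callable[[dict], dict] = amap_transport,
) -> Optional[Tuple[float, float]]:
    """Return (lng, lat), or None when no key is configured (nothing is sent).
    Raises ValueError instead of transmitting an address with residual PII."""
    if not api_key:
        return None
    s = sanitize_address(address)
    leftovers = residual_pii(s.clean)
    if leftovers:
        raise ValueError(f"refusing to geocode; residual PII-like tokens: {leftovers}")
    data = transport({"key": api_key, "address": s.clean, "output": "JSON"})
    if data.get("status") != "1" or not data.get("geocodes"):
        return None
    lng, lat = data["geocodes"][0]["location"].split(",")
    return float(lng), float(lat)


if __name__ == "__main__":
    # Constructed sample: a labeled name, a labeled phone and a trailing note.
    s = sanitize_address("姓名:张三 电话:13812345678 浙江省杭州市西湖区文三路100号 备注:放门口")
    print(s.clean, s.removed)
    # Free-form name and number: the number is caught, the bare name is not,
    # which is exactly the limitation the scanner points out.
    print(sanitize_address("浙江省杭州市西湖区文三路100号 张三 13812345678"))
```

Note that the bare name in the second sample survives: regexes catch structured tokens such as phone and ID numbers, but free-form names need either a dictionary/NER pass or manual review before the string leaves your environment, which is why the Guidance above suggests running without a key or using an offline geocoder when that matters.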
Install Mechanism
note: There is no install spec (instruction-only + code file). The code imports 'requests' but the skill does not declare dependencies or provide an install step; users must ensure the runtime has the requests package. No suspicious remote download or execution observed.
Credentials
ok: No environment variables or credentials are required by the skill metadata. The AMap API key is optional in code (recommended for coordinates) and is proportionate to the geocoding feature. The skill performs outbound requests to the official AMap REST endpoint, which is appropriate for obtaining coordinates.
Persistence & Privilege
ok: Skill is not 'always' enabled and does not request elevated or persistent platform privileges. It does not modify other skills or system-wide configuration. Autonomous invocation is allowed by default (platform behavior) but is not combined with concerning access patterns.