Skill v1.0.0
ClawScan security
内容裂变工厂 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 29, 2026, 7:43 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This skill is an orchestration workflow that coordinates other skills (hotspot scraping, AI analysis, image generation, article generation, Feishu archiving). Its declared behavior aligns with what it requests and contains, and it does not itself ask for credentials or install code.
- Guidance: This orchestration skill itself is coherent and does not request secrets or install code. Before enabling it (especially for scheduled runs), review and limit the credentials and permissions of the component skills it calls: Agent-Reach (scraping cookies/API access), card-renderer (image backend), wechat-article-pro (model access), and feishu_doc (Feishu bot token/folder access). Ensure tokens are stored securely, scope Feishu bot permissions to only the target folder, confirm scraping complies with platform terms/rate limits and privacy rules, and audit the implementations of the included skills (Agent-Reach, summarize, card-renderer, wechat-article-pro, feishu_doc) since those are the components that will access external systems and hold secrets.
Review Dimensions
- Purpose & Capability (ok): The name/description claim an end-to-end content pipeline and the SKILL.md/workflow.json implement exactly that by calling other skills (Agent-Reach, summarize, card-renderer, wechat-article-pro, feishu_doc). The workflow delegates platform-specific access/credentials to those component skills, so the lack of env vars/install here is coherent.
- Instruction Scope (note): Instructions remain inside the stated purpose: fetch trending data → analyze → render cards → generate article → archive. They reference editing workflow.json and supplying a feishu folder token, and they assume the other skills are configured. Nothing in SKILL.md asks the agent to read unrelated system files or to exfiltrate arbitrary data, but runtime will depend on the permissions given to the component skills (e.g., web scraping cookies, Feishu bot token).
- Install Mechanism (ok): No install spec and no bundled code; this is an instruction-only skill. This is lowest-risk in terms of on-disk installs; all execution is via other skills already present in the environment.
- Credentials (note): The skill itself does not require environment variables or credentials. However, the workflow exposes optional inputs that can carry sensitive tokens (e.g., feishu_folder/folder_token) and relies on other skills (Agent-Reach, feishu_doc, card-renderer, wechat-article-pro) that will require cookies, API tokens, or model access. Those downstream credentials are expected for this pipeline but should be audited and scoped minimally.
- Persistence & Privilege (ok): "always" is false and there is no attempt to modify other skills or system-wide settings. It can be scheduled or invoked autonomously per platform defaults, which is reasonable for an automation workflow; users should be mindful of what credentials are granted to the component skills when enabling scheduled runs.
