Back to skill
Skillv1.0.0
ClawScan security
IP 人设视频打造 SOP · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 14, 2026, 2:10 PM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only SOP for producing personal-brand (IP) videos; its requested footprint (no code, no installs, no credentials) matches the stated purpose, though some recommended tactics raise privacy, compliance, and authenticity concerns to consider before use.
- Guidance
- This SOP appears coherent for its stated goal, but before installing/using it consider: 1) Consent and privacy — obtain explicit, documented consent from the IP for collecting and publishing personal materials and for any outreach that uses their contacts; redact or anonymize sensitive data. 2) Platform rules and authenticity — coordinated comments/likes, prompting friends to add the IP on private channels, and manufactured engagement can violate platform TOS and risk account penalties; avoid astroturfing and be transparent. 3) Legal/compliance — avoid coaching IPs to make unverified medical/financial claims; keep records of fact‑checks. 4) Operational security — when outsourcing editing or storing media, use NDAs and secure storage; limit who can access raw footage and personal data. 5) Ask the skill/source provider for provenance and sample deliverables, templates for consent forms, and clarifications about any third‑party tools (e.g., '素材下载 新片场') you are expected to use. If you need stronger guarantees about privacy and compliance, request modifications removing or replacing tactics that encourage coordinated inauthentic engagement and adding explicit consent/checklist templates.
Review Dimensions
- Purpose & Capability
- okThe name/description (IP 人设视频打造 SOP) match the SKILL.md content: a step‑by‑step process from research and interviewing to shooting, editing and publishing. There are no unrelated environment variables, binaries, or installs requested.
- Instruction Scope
- noteInstructions are narrowly focused on producing and promoting IP videos, but include operational tactics with ethical/compliance implications: coordinating team comments/likes and sending prompts to friends for cold-start, directing viewers to add a WeChat/private contact, collecting past personal materials, and '匿名走访' (anonymous field visits). These are within the skill's functional scope but can implicate privacy, platform terms of service, and authenticity rules.
- Install Mechanism
- okNo install spec and no code files — instruction-only — so nothing will be written to disk or downloaded during install. This is low-risk from an install/execution perspective.
- Credentials
- okThe skill requests no environment variables, secrets, or config paths. All runtime instructions operate at the human/process level (research, interviews, editing, publishing), so credential requests are proportionate (none).
- Persistence & Privilege
- okalways is false and the skill does not ask for persistent system privileges or to modify other skills/configurations. Autonomous invocation is allowed by default but is not combined with other concerning factors here.