Plugin v1.0.0

ClawScan security

CN Creator Pack 中文创作者全家桶 (Chinese Creator All-in-One Pack) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 26, 2026, 11:40 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
This is an instruction-only Chinese creator skill bundle with five coherent sub-skills; it requests no credentials or files and has a small security surface. The recommended install path, however, runs an external installer through npx, which fetches and executes code from the npm registry, and users should avoid pasting sensitive personal or proprietary data into prompts.
Guidance
This bundle appears to be what it says: a set of instruction-only Chinese content/creator helpers with no embedded code or credential requests. Before installing, confirm you trust 'clawhub' (the npx installer), because the recommended install commands fetch and execute code from the npm registry at run time. Do not paste highly sensitive personal or proprietary information (full ID numbers, banking credentials, private business data) into prompts; treat pasted resumes, job descriptions, financial positions, or product secrets as data you are consciously sharing with the model. If you need live market data or integration with third-party platforms, verify how the sub-skill obtains that data (it declares no API keys), and prefer installing only the specific sub-skill you need rather than the whole bundle.

Review Dimensions

Purpose & Capability
ok
The bundle's name, description, and listed sub-skills (stock analysis, short-video scripts, e-commerce copy, resume optimization, PPT outlines) align with the runtime instructions and included metadata. There are no unexpected environment variables, binaries, or config paths requested that would contradict the stated purpose.
Instruction Scope
note
SKILL.md contains only usage and installation instructions plus example prompts. It does not instruct the agent to read unrelated files, access environment variables, or call external endpoints. Note: several examples encourage pasting personal or business data (resumes, job descriptions, product information, stock tickers); this is normal for the functionality but is a privacy risk if users submit sensitive data.
Install Mechanism
note
There is no bundled install spec or code in the package (it is instruction-only), which lowers code-level risk. However, the documentation recommends running 'npx clawhub@latest install ...' (or installing via ClawHub). npx downloads the clawhub package from the npm registry and executes it, including any install-time lifecycle scripts (preinstall, install, postinstall) the package declares. This is a common pattern, but it is remote code execution by design, so only proceed if you trust the clawhub installer and its source. Because '@latest' is resolved when the command runs, it will pull whatever version is current at that moment; pin an exact version you have reviewed rather than '@latest'.
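The trust check recommended in the Guidance and in this Install Mechanism note can be made concrete before anything executes: download the package tarball with `npm pack <name>@<version>` (which saves it without running it), unpack `package/package.json`, and inspect what npx would run. The script below is an added example written for this review, not part of the ClawHub scanner or the clawhub project. The manifest it audits is constructed for illustration under the hypothetical package name `example-installer`; it is not the real clawhub package.json, whose contents this page does not show.

```python
"""Audit an npm package manifest before letting npx execute it.

Added example, not code from the ClawHub scan or the clawhub project.
SAMPLE_MANIFEST below is CONSTRUCTED for illustration and uses the
hypothetical package name 'example-installer'. To audit a real package,
run `npm pack <name>@<version>`, extract package/package.json from the
tarball, and pass the parsed JSON to audit().
"""
import json
import re

# Lifecycle hooks npm runs while installing a registry package, i.e. code
# that executes before the CLI entry point that npx invokes ever starts.
INSTALL_HOOKS = ("preinstall", "install", "postinstall")

# Exact semver: MAJOR.MINOR.PATCH with optional prerelease / build metadata.
EXACT_VERSION = re.compile(r"^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$")

# Constructed sample manifest (not a real package). It deliberately has a
# postinstall hook so the audit has something to flag.
SAMPLE_MANIFEST = json.loads("""
{
  "name": "example-installer",
  "version": "1.4.2",
  "bin": {"example-installer": "bin/cli.js"},
  "scripts": {
    "postinstall": "node scripts/setup.js",
    "test": "node --test"
  },
  "dependencies": {"tar": "^6.2.0"}
}
""")


def split_spec(spec):
    """Split 'name@version' into (name, version); version is None if absent.

    Scoped names begin with '@', so only an '@' after index 0 separates the
    version. '@scope/pkg' -> ('@scope/pkg', None).
    """
    idx = spec.rfind("@")
    if idx <= 0:
        return spec, None
    return spec[:idx], spec[idx + 1:]


def is_pinned(spec):
    """True only if the npx spec names one exact version (not a tag or range)."""
    _, version = split_spec(spec)
    return version is not None and EXACT_VERSION.match(version) is not None


def install_hooks(manifest):
    """Return the install-time scripts the package declares, by hook name."""
    scripts = manifest.get("scripts") or {}
    return {hook: scripts[hook] for hook in INSTALL_HOOKS if hook in scripts}


def bin_entries(manifest):
    """Return {command: path} for the executables npx could run.

    npm allows 'bin' to be a plain string, meaning the package name maps to
    that path; normalise both forms to a dict.
    """
    bin_field = manifest.get("bin")
    if bin_field is None:
        return {}
    if isinstance(bin_field, str):
        return {manifest["name"]: bin_field}
    return dict(bin_field)


def audit(manifest, npx_spec):
    """Return human-readable findings for running `npx <npx_spec>`."""
    findings = []
    for hook, cmd in install_hooks(manifest).items():
        findings.append(
            f"install hook '{hook}' runs '{cmd}' during npm install, before the CLI starts"
        )
    if not is_pinned(npx_spec):
        findings.append(
            f"'{npx_spec}' is not pinned to an exact version; npx resolves it at run "
            "time, so a later release would execute without review"
        )
    return findings


if __name__ == "__main__":
    print("entry points to read first:", bin_entries(SAMPLE_MANIFEST))
    for finding in audit(SAMPLE_MANIFEST, "example-installer@latest"):
        print("finding:", finding)
```

For a real package, also check that the tarball you unpacked is the one you reviewed by comparing its hash against `npm view <name>@<version> dist.integrity`, and read each file listed under `bin` (and anything those files require) before running the pinned command.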
Credentials
ok
The skill declares no required environment variables, no primary credential, and no config paths. This is proportionate to the described functionality. (As a note, features like live stock data might require external data sources in practice, but none are requested here.)
Persistence & Privilege
ok
Flags show the skill is not always-enabled and is user-invocable. There is no code that would request persistent system privileges or modify other skills. Because this is instruction-only, it does not write files or require an always-on presence.