Plugin v1.0.0
ClawScan security
Cn LLM · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Apr 22, 2026, 7:41 AM)
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The package and runtime instructions are internally consistent: it requires only AISA_API_KEY and python3 to talk to the AIsa API (api.aisa.one) and the included code matches that stated purpose.
- Guidance: This package appears coherent with its stated purpose, but consider these practical precautions before installing: (1) AISA_API_KEY grants access to your AIsa account and could incur billing — only use a key you trust and consider a scoped/restricted key if available. (2) The included Python client sends any prompt/content to https://api.aisa.one; avoid sending sensitive PII or secrets through the skill. (3) Review the bundled scripts (skills/cn-llm/scripts/cn_llm_client.py) yourself if you have concerns; it is small and readable. (4) Store and rotate the API key securely (avoid committing it to repos), and remove the plugin and revoke the key if you stop using the service. (5) If you need higher assurance, run the client in an isolated environment or sandbox first.
Review Dimensions
- Purpose & Capability (ok): The name/description claim Chinese-LLM access and model routing via AIsa; the package only asks for AISA_API_KEY and includes a Python client that calls https://api.aisa.one/v1. Required items (python3, AISA_API_KEY) match the stated purpose; no unrelated credentials or binaries are requested.
- Instruction Scope (ok): SKILL.md instructs using the shipped scripts and setting AISA_API_KEY. The Python script only reads the AISA_API_KEY environment variable, accepts CLI args, and makes HTTP requests to the AIsa API. It does not attempt to read other system files, shell history, or unrelated environment variables, nor does it send data to unexpected endpoints.
- Install Mechanism (ok): No install spec is provided (instruction-only plugin wrapper). Code files are included in the bundle but there is no download-from-URL or archive extraction step declared. Nothing in the manifest installs arbitrary remote code during install.
- Credentials (ok): Only a single credential (AISA_API_KEY) is required and is justified: the client authenticates to the AIsa API with that key. No other SECRET/TOKEN/PASSWORD environment variables or unrelated service credentials are requested.
- Persistence & Privilege (ok): always:false (default), user-invocable:true and model invocation allowed — these are normal. The skill does not request to modify other skills or system-wide settings.
