Yoyoalphax Zentao1
Security checks across malware telemetry and agentic risk
Overview
The skill mostly matches a ZenTao integration, but it can use stored ZenTao credentials to make broad write and delete changes, including user and project data.
Install only if you trust the publisher and need write-management access to ZenTao. Use a dedicated least-privilege account, prefer HTTPS, keep TOOLS.md out of version control, and require explicit review before any create/update/delete action, especially user, project, or product deletion.
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If configured with a powerful ZenTao account, a mistaken or over-broad agent action could change or delete business/project/account data.
The client can issue destructive ZenTao API calls, including user deletion. These operations are related to ZenTao management but are broad and high-impact, with no artifact-backed scope limits beyond confirmation guidance.
elif method.upper() == 'DELETE':
response = httpx.delete(url, headers=headers, timeout=30)
...
def delete_user(self, user_id: int) -> Tuple[bool, Any]:
"""DELETE /users/{id} - 删除用户"""Use a least-privilege or read-only ZenTao account when possible, require explicit human confirmation for every write/delete, and avoid using administrator credentials unless these destructive operations are truly needed.
Anyone who can read TOOLS.md may be able to use the ZenTao account, and using HTTP could expose credentials on the network.
The skill requires ZenTao account credentials stored in a local markdown file. This is expected for the integration, but the credentials grant whatever permissions that account has, and the example endpoint is non-HTTPS.
ZenTao API credentials are stored in the `TOOLS.md` file: - **API URL:** http://<your-zentao-host>/ - **Username:** <your-username> - **Password:** <your-password>
Store TOOLS.md securely, do not commit it to version control, prefer HTTPS ZenTao URLs, and use a dedicated account with only the permissions needed.
It is harder to verify exactly which package/version is being installed and who published it.
The embedded metadata does not match the registry-provided slug/version for this evaluation, and SKILL.md/package.json use another version. This creates provenance and package-identity ambiguity, though no hidden installer or exfiltration endpoint is shown.
"slug": "yoyoalphax-zentao", "version": "1.0.6"
Verify the publisher/source before use and align registry, SKILL.md, package.json, and _meta.json metadata.
The skill may not run as documented until an undeclared dependency is installed.
The code imports httpx, but requirements.txt only lists requests and beautifulsoup4. This incomplete dependency declaration may lead to failed runs or ad-hoc dependency installation.
import requests import httpx
Declare and pin all required Python dependencies, including httpx, in requirements.txt or the install metadata.