Fully automatic Qwen registration, achieving unlimited cup renewals, with timed detection for fully automatic registration

Malicious. Audited by ClawScan on May 1, 2026.

Overview

The artifacts show a quota-evasion account-farming skill that automatically creates Qwen accounts, rotates/overwrites tokens, and delegates core work to unpinned external code.

Do not install this skill unless you intentionally want an agent to automate Qwen account creation and token replacement. It is designed to bypass API limits, uses unpinned external code, and can overwrite your existing OpenClaw auth profile without a backup.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent could create new accounts and rotate tokens to bypass provider limits, potentially violating service terms, triggering account bans, or causing unexpected account activity.

Why it was flagged

The skill explicitly uses automated registration and switching to avoid API quota limits, which is quota-evasion/account-farming behavior rather than a normal user-directed integration.

Skill content
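Supports predictive automatic switching to avoid exceeding the API quota ... generate a temporary email address ... automatically fill in the registration form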
Recommendation

Do not install this for normal use; use provider-approved API credentials and require explicit human approval for any account creation or token change.

What this means

Your existing Qwen token can be replaced, and future gateway or agent activity may use a newly generated account instead of the account you intended.

Why it was flagged

The skill handles access and refresh tokens and overwrites the local OpenClaw auth profile, granting it high-impact authority over the agent's Qwen identity.

Skill content
Extract access + refresh token
5. Write to auth-profiles.json (overwriting the old token)
Recommendation

Avoid installing unless you fully understand and authorize token replacement; at minimum, require scoped credential handling, backup of the old profile, and explicit confirmation before overwriting credentials.

What this means

The code that performs registration and token handling could change upstream without review, affecting your local credentials and browser automation flow.

Why it was flagged

The core auto-registration package is pulled from an unpinned GitHub URL and Playwright is version-ranged, leaving sensitive account/token behavior dependent on mutable external code.

Skill content
git+https://github.com/2263648274/qwen-auto-register.git

playwright>=1.40.0
Recommendation

Do not run unpinned external registration code for credential operations; require reviewed source, pinned commits or hashes, and a clear install specification.

Concern (High Confidence)
ASI05: Unexpected Code Execution
What this means

A skill invocation can run headless browser/account automation from external code, which may change credentials or account state without the user seeing the browser flow.

Why it was flagged

When registration is triggered, the skill executes the external package's CLI in headless mode, handing control to dependency code for the sensitive account and token workflow.

Skill content
sys.argv = ["auto-register", "--no-gui", "--headless"]
exit_code = run_cli()
Recommendation

Require interactive approval before running headless automation and ensure the executed package code is included, reviewed, and pinned.

Concern (High Confidence)
ASI08: Cascading Failures
What this means

If the new token is bad, banned, or unintended, the gateway and future agent requests may fail or use the wrong account, while the previous token is not preserved.

Why it was flagged

A single automatic switch can replace the active auth profile and restart the gateway, with no rollback path described.

Skill content
Write to auth-profiles.json (overwriting the old token)
... automatically restart the Gateway
... the old account is overwritten directly, with no backup kept
Recommendation

Require backups, rollback instructions, isolated profiles, and explicit user confirmation before changing global gateway credentials.