Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
云主机询价小能手 (Cloud Host Price Inquiry Helper)
v1.0.0. A tool that intelligently matches and compares the prices of Alibaba Cloud ECS and Baidu AI Cloud BCC cloud host instance types. The user enters parameters such as CPU core count, memory size, disk specification (type/capacity), bandwidth type and size, and region; the tool automatically matches the corresponding specification in the compute-optimized, general-purpose or memory-optimized instance families and outputs the one-month prepaid price from both cloud vendors. It also supports intelligent matching of specifications not listed in the Skill document (inferred from processor base/turbo frequency, CPU and memory); if Alibaba...
MIT-0
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
Confidence: medium
Purpose & Capability
The name/description match the code: the script queries Alibaba ECS and Baidu BCC pricing and therefore legitimately needs cloud credentials and network access to provider APIs. However the skill metadata declares no required environment variables or install steps while the documentation and script clearly rely on credentials and external setup scripts, creating a mismatch.
Instruction Scope
SKILL.md explicitly instructs the agent to prompt the user for AccessKeyId/AccessKeySecret for both Alibaba and Baidu and to run external setup.sh scripts (passing AK/SK). The instructions are limited to collecting parameters needed for pricing, but they direct credential collection and invocation of setup scripts that live outside this package (../alicloud_ecs_price-1.0.0/ and ../baidu-bcc-price-1.0.1/). That external-dependency/credential flow should be validated before use.
Install Mechanism
There is no install spec in the registry entry (instruction-only), yet SKILL.md instructs running setup.sh scripts in sibling directories which are not present in this package. This is fragile and could lead to unexpected behavior (missing installs or running unknown scripts). The runtime also requires third-party SDKs (alibabacloud SDK) but provides no controlled install path.
Credentials
The package metadata declares no required environment variables, but the script and docs expect and use cloud credentials: environment variables (ALICLOUD_ACCESS_KEY_ID / ALICLOUD_ACCESS_KEY_SECRET and BCE_ACCESS_KEY_ID / BCE_SECRET_ACCESS_KEY) and/or credentials stored under ~/.config/openclaw/.... Asking for full provider AK/SK is proportionate to calling provider price APIs, but the mismatch between expected secrets and declared requirements (and instructions to pass secrets to external setup.sh) is concerning and should be clarified. Verify least-privilege keys and storage location.
Persistence & Privilege
always:false and no elevated platform privileges are requested. The skill may read credential files under the user's home (~/.config/openclaw/...), and setup scripts (if executed) may write there — this is expected for credential persistence but should be confirmed. The skill does not request forced global inclusion or modify other skills per the provided files.
What to consider before installing
This skill appears to do what it claims (compare Alibaba ECS and Baidu BCC prices) and legitimately needs cloud AK/SK to call provider price APIs. However:
1) The registry metadata does not declare the environment variables the code actually uses. Confirm where the skill expects credentials (env vars vs files) before providing keys.
2) SKILL.md tells you to run setup.sh scripts located outside this package; those scripts are not included here. Ask the publisher for the missing setup scripts or source repository and inspect them before running.
3) Prefer creating and using least-privilege keys (read-only or billing/pricing-scoped if available) and avoid pasting long-lived master keys in public chat.
4) Verify that credentials will be stored only on your machine (e.g., under ~/.config/openclaw/...) and not transmitted to unknown endpoints.
If you cannot confirm the origin and content of the referenced setup scripts or an authoritative source repo, treat installation as higher risk.
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
