Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The SKILL.md and many scripts clearly require Tencent Cloud API credentials (TENCENTCLOUD_SECRET_ID and TENCENTCLOUD_SECRET_KEY) and SSH passwords, but the registry metadata declares no required environment variables or primary credential. That mismatch is unexpected and incoherent: a CVM tool should declare it needs cloud credentials.
Instruction Scope
SKILL.md instructs the user to export Tencent Cloud credentials and to install tccli/jq/sshpass. The included scripts then use those credentials and also persist instance passwords to a local file ($HOME/.tencent_cvm_passwords). Scripts print and store plaintext passwords, run remote commands that can read sensitive files (e.g., /etc/passwd, env, logs), and support service management (systemctl start/stop/etc.). Although SKILL.md claims write operations require manual confirmation, the scripts provide direct mechanisms for potentially destructive actions (service-manage.sh) and store secrets on disk and stdout — this broad data handling is beyond a simple query-only tool and should be considered sensitive.
Install Mechanism
There is no install spec (instruction-only in registry), but the bundle includes 29+ scripts and assets that will be executed locally. SKILL.md tells the user how to install dependencies (pip, apt, brew) but the package does not automatically install anything. Absence of an install step is not malicious by itself, but the presence of many executable scripts means installing/running them will write to disk and persist secrets.
Credentials
The code expects and requires TENCENTCLOUD_SECRET_ID and TENCENTCLOUD_SECRET_KEY (check_credentials in scripts/common.sh, and SKILL.md shows them as required), yet the skill metadata lists no required env vars. The scripts also create and read a local password file (CVM_PASSWORD_FILE defaulting to ~/.tencent_cvm_passwords) and sometimes print passwords to the console. Requesting cloud API keys and storing instance passwords is functionally necessary for a CVM ops tool, but the omission from metadata and the insecure handling (plaintext storage and stdout exposure) are disproportionate and risky if you don't control where/how the skill runs.
Persistence & Privilege
The skill persists instance passwords to a file in the user's home and creates/updates that file (init_password_file, save_instance_password, update_instance_host). always:false and no automatic autonomous invocation are good, but the skill will leave sensitive data on disk and print it to logs — review file permissions and consider moving to a secure secrets store. The skill does not modify other skills or system-wide agent settings.
What to consider before installing
This package is a full CLI/bash toolkit for Tencent Cloud CVM and will require your Tencent API keys and instance passwords to work — but the registry metadata did not declare those requirements. Before installing or running it: 1) Verify the source and trustworthiness of this bundle (no homepage provided). 2) Inspect the scripts locally (they are included) and confirm you are comfortable with plaintext password storage at ~/.tencent_cvm_passwords and the fact that scripts print passwords to stdout. 3) Prefer SSH key-based access over sshpass/passwords; if you must use passwords, restrict the password file (chmod 600) and consider storing secrets in a dedicated secret manager. 4) Be aware scripts can perform service management (systemctl) and file transfers — run them manually and avoid granting broad automation privileges. 5) If you expect the skill to be used by an agent, ensure the agent is not allowed to auto-run destructive operations; the metadata omission of required env vars should be corrected by the author before trusting automated workflows.Like a lobster shell, security has layers — review code before you run it.
latestvk979h7vws1ahza9zw4gerz7s0s80n0b1
License
MIT-0
Free to use, modify, and redistribute. No attribution required.