Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Aitubiao Sankey Diagram (Flow Diagram)

v1.0.1

AI Sankey diagram (flow diagram) generation. Automatically organizes the user's data and creates a Sankey diagram visualization project. Use it when the user wants to create a Sankey diagram or flow diagram, or to show data flow relationships; trigger words include "桑基图" (Sankey diagram), "流向图" (flow diagram), "sankey", "sankey chart", "flow diagram", "data flow", "create sankey", and similar.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name and description (create Sankey diagrams via an API) match the instructions which call aitubiao API endpoints to create projects. However the skill requires reading and writing a persistent credentials file in the user's home directory (~/.aitubiao/credentials) and sourcing environment variables, yet the registry metadata lists no required config paths or primary credential. That undeclared persistence is an inconsistency.
Instruction Scope
SKILL.md stays within the Sankey-generation workflow: collect/parse user data, check quota, create project via specific API endpoints, return project URL and metadata. It explicitly forbids local fallbacks and requires API-only generation. The instructions also tell the agent to read local files when the user provides them and to use Read/xlsx tools for Excel. These actions are reasonable for this purpose but grant the skill the ability to read user-supplied local files and the user's ~/.aitubiao/credentials — which should have been declared up-front.
Install Mechanism
Instruction-only skill with no install spec and no code files. No packages or remote downloads are requested — this is low-risk from an install mechanism perspective.
Credentials
The skill does not declare any required env vars or a primary credential in metadata, yet the runtime instructions require an API key (expected for an external service) and instruct persisting it to ~/.aitubiao/credentials and sourcing it into the environment. Requiring and persisting an API key is proportionate to calling aitubiao APIs, but the omission from metadata (required config paths / primaryEnv) is an inconsistency and reduces transparency. Also the skill instructs the user to paste an API key into chat — which has privacy implications.
Persistence & Privilege
The skill writes a persistent credentials file (~/.aitubiao/credentials) with chmod 600 and later sources it. Persisting user secrets is reasonable for a remote-API integration but should be declared in the skill manifest. The skill is not always:true and does not request other system-wide privileges, but undisclosed filesystem writes are a material concern.
What to consider before installing
Before installing or using this skill:
- Understand that it will send your provided data to https://api.aitubiao.com. Do not use it for data you cannot share with that service.
- It asks you to paste an API key and will save it in ~/.aitubiao/credentials for later use. Only do this if you trust the provider and the key; consider creating a scoped or ephemeral API key.
- The skill metadata did not declare the credential/config file or primary credential; ask the author (or avoid the skill) until the manifest is fixed or the source is available.
- Avoid pasting highly sensitive credentials into public chats. If unsure, test with non-sensitive example data or a limited-scope API key.
- Higher confidence would require a verifiable source/homepage, an updated manifest listing the required config path(s) and primary credential, and clarity on the API provider's privacy/security posture.
