Xz01 Dev Skill
Review
Audited by ClawScan on May 16, 2026.
Overview
The skill is coherent for xz01 template development, but it can modify a live website and optionally use a Lanhu session cookie through an MCP service, so users should install it only for that workflow.
Before installing, confirm that this is the intended xz01/Hermes/Claude workflow and that you are comfortable with it touching /www/wwwroot/www.900az.com for live validation. Use backups and staging where possible, keep /root/.openclaw read-only as the skill says, restrict the Lanhu MCP service to localhost or a firewall-protected network, and review/pin any external Lanhu MCP code before running it.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill for live deployment can change what visitors see on the website or briefly break the site if the replacement or validation fails.
The documented workflow can remove and replace the live default theme and clear the site runtime cache. The same document requires a backup and frames this as an explicit live-validation deployment step, so this is purpose-aligned but high-impact.
rm -rf /www/wwwroot/www.900az.com/public/themes/default ... rm -rf /www/wwwroot/www.900az.com/runtime/*
Use these steps only when you intend to modify the live site, verify the backup was created, and prefer a staging path when possible.
Anyone with access to that cookie or the running MCP service may be able to access Lanhu design data available to the account.
The optional Lanhu integration requires a session cookie that likely grants access to the user's Lanhu projects. The artifact clearly identifies the credential and tells the agent not to hunt for it elsewhere.
`LANHU_COOKIE` is required. Do not guess it or search for it in unrelated files. The user must provide it or obtain it from a logged-in Lanhu browser session.
Provide the cookie only if you need Lanhu integration, store it in a protected .env file, and rotate/revoke it if it may have been exposed.
The installed MCP service and Python package will run code from external sources on the user's machine.
The optional setup runs third-party code and installs packages without a pinned commit or package version in the documented commands. This is a common integration pattern, but it is still supply-chain relevant.
git clone https://github.com/dsphper/lanhu-mcp.git /root/.hermes/workspace/lanhu-mcp ... pip install mcp ... docker compose up -d --build
Review the repository, pin a trusted commit/version, and use Docker isolation and least-privilege filesystem/network access.
If the MCP endpoint is reachable by other users or the public internet, they could query design data through the service.
The MCP service is shared by Hermes and Claude Code and may bind to all interfaces. The artifact warns not to expose it publicly, which is appropriate, but the network boundary is important because it carries cookie-backed Lanhu access.
keep SERVER_HOST=0.0.0.0 and SERVER_PORT=8000 ... Do not expose the service publicly without access control; Lanhu cookies and cached design data are sensitive.
Bind the service to localhost where possible, firewall port 8000, and add access controls before exposing it beyond the local machine.
The service may keep running with access to the configured Lanhu cookie and cached data.
The optional integration creates a persistent background service. It is disclosed and purpose-aligned, but it continues running after the immediate task unless the user stops it.
`lanhu-mcp` is a long-running HTTP MCP server (`/mcp`), not a one-shot stdio/npx tool.
Stop or remove the container when it is no longer needed, and periodically check which MCP services are running.
