Dedao Skill
Review
Audited by ClawScan on May 18, 2026.
Overview
The skill is coherent for Dedao downloads, but it requires downloading and running an unpinned external GitHub binary and uses Dedao login/session credentials.
Before installing, review the dedao-dl upstream project and consider pinning or manually verifying the binary. Use QR login if possible, avoid sharing cookie strings, confirm the active Dedao account, and require explicit approval for large or full-course downloads.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1: Unpinned external binary download
Impact: If the upstream release or repository is compromised or changes unexpectedly, the agent could run unreviewed code on the user's machine.
The installer downloads whatever GitHub currently marks as the latest release asset and saves it as the executable, with no pinned version, checksum, signature, or reviewed artifact reference.
Evidence: api_url = "https://api.github.com/repos/yann0917/dedao-dl/releases/latest" ... urllib.request.urlretrieve(download_url, target_exe)
Recommendation: Pin a specific reviewed release, verify a checksum or signature, and declare the install mechanism clearly. Users should review the upstream project before allowing installation.

Finding 2: Local executable invocation
Impact: Once installed, the agent can run dedao-dl commands to interact with the user's Dedao account and download files.
The helper script executes the local dedao-dl binary. This is central to the skill's purpose and uses an argument list rather than shell execution, but it is still local executable invocation.
Evidence: result = subprocess.run(command, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, text=True, encoding='utf-8', errors='replace')
Recommendation: Only allow the helper to run after approving the installed binary, and review high-impact commands before execution.

Finding 3: Dedao account and session credentials
Impact: Anyone using the skill with a valid Dedao session could access and download content available to that account.
The skill relies on Dedao account login, optionally with a raw cookie string, and includes commands to list and switch logged-in users. This is expected for downloading purchased content but is sensitive account authority.
Evidence: python scripts/run_dedao.py login -q ... or python scripts/run_dedao.py login -c "<cookie_string>" ... List logged-in users ... Switch user
Recommendation: Prefer QR login over pasting cookies, confirm the active account with `who`, and avoid sharing session cookies with the agent unless necessary.

Finding 4: High-impact bulk-download capability
Impact: If the guardrail is ignored, full downloads could use substantial disk space, take a long time, or affect the user's Dedao account.
The skill documents a high-impact bulk-download capability and includes an explicit user-permission guardrail.
Evidence: WARNING: NEVER download a full course ... without explicit user permission. Full downloads can take hours, consume massive disk space, and trigger anti-bot bans.
Recommendation: Approve bulk downloads only when needed, prefer single-article downloads, and monitor disk usage and account limits.
