Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ocean Engine ad automation skill (巨量广告自动化投放技能) - LemClaw Skills

v1.0.2

Integrates the Ocean Engine (巨量引擎) ads API to provide automated campaign launch, budget optimization, creative testing and real-time monitoring, with the aim of maximizing ad ROI.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The code and SKILL.md implement an Ocean Engine (巨量) ads client, automation and optimizer, consistent with the declared purpose. However, the registry metadata claims no required environment variables or credentials, while SKILL.md and the code clearly require OCEANENGINE_ACCESS_TOKEN, OCEANENGINE_APP_ID and OCEANENGINE_APP_SECRET (and the code also reads OCEANENGINE_REFRESH_TOKEN). This mismatch between the published manifest and what the code needs at runtime undermines trust in the packaging.
Instruction Scope
Runtime instructions ask the user to install dependencies, set API credentials, and run automation commands (auto-launch, batch, monitoring). The instructions and code perform network calls to Ocean Engine endpoints, which is expected. The code also persists auth state to a local config.json (storing access_token, app_secret and related values), which goes beyond holding credentials in memory and writes secrets to disk. That is reasonable for an OAuth client but should be made clear to the user.
Install Mechanism
There is no formal install spec in the registry (instruction-only), but the package includes code files and a requirements.txt; SKILL.md instructs pip install -r requirements.txt. No suspicious remote downloads are used. The mismatch (no install spec declared while code is present) is an inconsistency but not an immediate malware indicator.
Credentials
SKILL.md declares OCEANENGINE_ACCESS_TOKEN, OCEANENGINE_APP_ID and OCEANENGINE_APP_SECRET, plus the optional OCEANENGINE_ACCOUNT_ID and OCEANENGINE_TEST_MODE. The registry metadata incorrectly lists no required environment variables and no primary credential. The code additionally reads OCEANENGINE_REFRESH_TOKEN, which SKILL.md does not list. Requiring API keys and secrets is expected for this functionality, but the failure to declare them in the registry and the undocumented refresh token usage are concerning and reduce transparency.
Persistence & Privilege
The skill does not request elevated platform privileges (always: false). It does persist auth and config to a local file (config.json) via auth.save_config(), which stores tokens and secrets unencrypted in the working directory. Such local persistence is normal for API clients, but it increases the risk that credentials remain on disk if the file is not cleaned up or protected.
What to consider before installing
Before installing, note these issues and take precautions:
- The registry metadata does not list the API credentials this skill actually needs; SKILL.md and the code require OCEANENGINE_ACCESS_TOKEN, OCEANENGINE_APP_ID and OCEANENGINE_APP_SECRET (and the code can also use OCEANENGINE_REFRESH_TOKEN). Expect to provide sensitive API credentials.
- The skill saves tokens and configuration to an unencrypted config.json in the working directory. If you install or run it, make sure the runtime environment is secure, and delete or protect config.json when done.
- The package contains executable Python code, so it is not instruction-only. Review requirements.txt and the code locally, and run it first against a test or sandbox account (using the provided test mode) with low budgets to avoid accidental spend.
- Ask the publisher for provenance: why does the registry metadata omit the required environment variables, and why does the SKILL.md version (1.0.0) differ from the registry version (1.0.2)? Verify the author (lemclaw / 乐盟互动) and obtain a canonical source or release, such as a GitHub repository or an official vendor distribution.
- If you proceed, create dedicated API credentials with minimal permissions and short expirations where possible; monitor the account and revoke the credentials after testing.
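The two findings above (environment variables the code reads but the documentation never declares, and secrets written to a local config file) can be checked mechanically before installing. The script below is an added example written for this page, not code from the skill or from ClawHub; the SKILL.md excerpt and the auth module it inspects are constructed stand-ins that mirror the findings, and the regexes are deliberately simple heuristics for Python source, not a full parser.

```python
import re
from typing import Dict, List, Set

# Constructed stand-ins for the two artefacts being compared. Their contents
# are assumptions for this example and are not taken from the skill package.
SKILL_MD = """\
# Ocean Engine ad automation

## Environment variables
- OCEANENGINE_ACCESS_TOKEN (required)
- OCEANENGINE_APP_ID (required)
- OCEANENGINE_APP_SECRET (required)
- OCEANENGINE_ACCOUNT_ID (optional)
- OCEANENGINE_TEST_MODE (optional)
"""

AUTH_PY = """\
import json
import os

def load_credentials():
    return {
        "access_token": os.environ["OCEANENGINE_ACCESS_TOKEN"],
        "refresh_token": os.getenv("OCEANENGINE_REFRESH_TOKEN"),
        "app_id": os.environ.get("OCEANENGINE_APP_ID"),
        "app_secret": os.environ.get("OCEANENGINE_APP_SECRET"),
    }

def save_config(cfg, path="config.json"):
    with open(path, "w") as fh:
        json.dump(cfg, fh)
"""

# SCREAMING_SNAKE_CASE tokens with at least one underscore, as written in docs.
ENV_IN_DOCS = re.compile(r"\b[A-Z][A-Z0-9]*(?:_[A-Z0-9]+)+\b")
# os.environ["X"], os.environ.get("X") and os.getenv("X") in Python source.
ENV_IN_CODE = re.compile(
    r"os\.(?:environ(?:\.get)?|getenv)\s*[\[(]\s*['\"]([A-Z][A-Z0-9_]+)['\"]"
)
# Dictionary keys that look like secrets, e.g. "access_token": ...
SECRET_KEY = re.compile(r"['\"]([a-z_]*(?:token|secret|password)[a-z_]*)['\"]\s*:")
# File-writing calls; any hit means the module can persist data to disk.
DISK_WRITE = re.compile(r"json\.dump\s*\(|open\s*\([^)]*['\"][wa]")


def declared_env_vars(skill_md: str) -> Set[str]:
    """Environment variables that SKILL.md tells the user to set."""
    return set(ENV_IN_DOCS.findall(skill_md))


def referenced_env_vars(code: str) -> Set[str]:
    """Environment variables the code actually reads."""
    return set(ENV_IN_CODE.findall(code))


def undeclared_env_vars(skill_md: str, code: str) -> List[str]:
    """Variables read by the code but absent from the documentation."""
    return sorted(referenced_env_vars(code) - declared_env_vars(skill_md))


def persisted_secret_keys(code: str) -> List[str]:
    """Heuristic: secret-looking keys in a module that also writes files.
    Returns an empty list when the module never writes to disk."""
    if not DISK_WRITE.search(code):
        return []
    return sorted(set(SECRET_KEY.findall(code)))


def audit(skill_md: str, code: str) -> Dict[str, object]:
    """Combine both checks into a small report for the reviewer."""
    undeclared = undeclared_env_vars(skill_md, code)
    secrets = persisted_secret_keys(code)
    return {
        "undeclared_env_vars": undeclared,
        "persisted_secret_keys": secrets,
        "needs_review": bool(undeclared or secrets),
    }


if __name__ == "__main__":
    for key, value in audit(SKILL_MD, AUTH_PY).items():
        print(f"{key}: {value}")
```

On the constructed inputs the report flags OCEANENGINE_REFRESH_TOKEN as undeclared and lists access_token, app_secret and refresh_token as secret-looking keys in a module that writes to disk, which is exactly the pair of findings a reviewer would want confirmed before granting real credentials. To run it against a downloaded skill, read SKILL.md and each .py file from the unpacked zip and pass their contents in place of the constructed strings.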

Like a lobster shell, security has layers — review code before you run it.

latest: vk97cr82argxy4rfy8dgqhnnzk182j80y

