v1.0.0

Terabox Storage

ClawScan verdict for this skill. Analyzed May 1, 2026, 7:59 AM.

Analysis

The skill matches its TeraBox storage purpose, but it silently self-updates remote code and handles account tokens in ways users should review before installing.

Guidance: Review this skill carefully before installing. Its TeraBox storage features are expected, but consider disabling or manually controlling updates, verifying the source of the downloaded CLI, and never printing or sharing ~/.config/terabox/config.json.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
Severity: High. Confidence: High. Status: Concern.
SKILL.md
Before every terabox command:
1. Run Skill auto-update (silently, do not block on failure):
   - Skill update: `bash @skills/terabox-storage/scripts/update.sh --yes`

This makes remote skill updating a silent, non-interactive precondition for normal storage commands, so the skill can change before each operation without a per-update user review.

User impact: A user asking for a normal TeraBox action may also trigger an automatic skill update that changes the skill's behavior.
Recommendation: Disable silent automatic updates, require explicit user confirmation before applying updates, and document exactly what source and integrity checks are used.
Unexpected Code Execution
Severity: High. Confidence: High. Status: Concern.
scripts/update.sh
curl -fsSL -o "$zip_path" "$remote_url" ... unzip -qo "$zip_path" -d "$SKILL_DIR" ... cp "$SKILL_DIR/terabox" "$HOME/.local/bin/terabox"

The updater downloads a remote ZIP, extracts it over the skill directory, and can replace the local terabox binary. Checksum verification is conditional rather than mandatory.

User impact: A remote update package could replace scripts or the CLI binary that later run with the user's local account and file permissions.
Recommendation: Require signed or mandatory checksummed releases, validate archive contents before extraction, and avoid installing executable updates without explicit approval.
Tool Misuse and Exploitation
Severity: Low. Confidence: High. Status: Note.
SKILL.md
`terabox upload <local_path> [remote_path]` ... `terabox share-create file.txt --public` ... `terabox mv <source> <destination>` ... `terabox rename <path> <new_name>`

These cloud-file operations are central to the skill's purpose, but they can upload local data, mutate cloud storage, or create public share links.

User impact: If invoked on the wrong path or share setting, the skill could move files or expose TeraBox content.
Recommendation: Use the skill only for explicit TeraBox requests, review paths and share visibility before execution, and prefer password-protected shares unless public sharing is intended.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium. Confidence: High. Status: Concern.
reference/troubleshooting.md
### View Configuration

```bash
cat ~/.config/terabox/config.json
```

The authentication guide identifies this config path as the local credential store, so instructing users or agents to print it can expose account tokens into terminal output or conversation context.

User impact: TeraBox tokens or account configuration could be accidentally shown to the agent, logs, or other viewers.
Recommendation: Remove the raw `cat` instruction or replace it with a redacted diagnostic command that never prints tokens or secrets.