vispatrol-alram-query
Advisory
Audited by Static analysis on May 6, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may think the approval gate is configured while it is attached to a differently named entry, leaving local VisPatrol session-token access dependent on instructions rather than a clearly bound configuration check.
The skill uses a local VisPatrol session credential, but the published slug uses 'alram' while the required approval config path uses 'alarm'. Because approval is the main boundary before reading the token-bearing vpup.json file, this naming mismatch creates ambiguity about whether the correct installed entry is gated.
Slug: vispatrol-alram-query ... Primary credential: VISPATROL_SESSION_TOKEN ... Required config paths: skills.entries.vispatrol-alarm-query.config.userApprovedVpupAccess
Align the registry slug, SKILL.md name, and required config path, and add a clear refusal path if the exact approval flag for the installed skill is not present.
Installing or running the skill gives it access to a local VisPatrol session token that can query alarm and snapshot data.
The skill clearly discloses that it reads a local runtime file containing a session token and requires explicit user consent before using it for the current alarm/snapshot query.
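vpup.json provides the service address, port, and local VisPatrol session token; ... the user's explicit consent to read vpup.json and use the session token in it must be obtained first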
Only enable it on trusted VisPatrol Windows hosts, confirm vpup.json is expected, and approve each run only when you intend to query those alarm records.
The skill may execute local helper commands and expose local TEMP path details during configuration lookup.
The script runs fixed local Windows/WSL helper commands to locate the Windows TEMP directory, and also uses fixed getmac logic for MAC lookup. The commands are not shown as user-controlled and are purpose-aligned with locating and decoding the local VisPatrol runtime configuration.
commands = (["cmd.exe", "/d", "/c", "echo", "%TEMP%"], ... ["powershell.exe", "-NoProfile", "-Command", "[System.IO.Path]::GetTempPath()"])
Run it only on a trusted Windows/WSL host and keep these subprocess calls fixed and narrowly scoped.
Alarm snapshot images may leave the local machine or be posted to a chat/channel if the surrounding agent integration supports uploads.
The skill instructs the agent to attach or forward snapshot images, including through Feishu robot or other image-upload channels when used. This is aligned with the alarm-report purpose, but camera snapshots can be sensitive.
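Forward the snapshot images along by default ... snapshot images need to be sent through the Feishu robot ... the image content is read from local_path and handed to the Feishu robot to send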
Only forward snapshots to approved recipients and channels, and confirm that the user expects images—not just text summaries—to be sent.
A future or compromised dependency version could affect the local script environment.
The setup guidance uses unpinned pip installs. There is no remote installer shown, but dependency versions and provenance are not locked in the artifacts.
pip install requests
pip install pycryptodome
Install dependencies from trusted package indexes, pin known-good versions, and review the Python environment before running on a machine with VisPatrol session data.
