Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Bailian Usage Proxy
v1.0.0阿里百炼大模型平台的多人共享账号用量统计代理服务。用于解决公司共用阿里百炼账号时无法区分个人用量的问题。当用户需要:1) 部署阿里百炼用量统计代理,2) 统计多人Token用量和调用次数,3) 管理大模型API调用配额时激活此技能。
⭐ 0· 71·0 current·0 all-time
by@bjmfjoy
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (a proxy that forwards OpenAI-format requests to the Bailian/Alibaba large-model endpoint and tracks per-user token usage) matches the included code (proxy, DB, admin UI, scripts). However the registry metadata says 'required env vars: none' while the code expects secrets like BAILIAN_API_KEY, DATABASE_URL, SECRET_KEY, etc. This mismatch is unexpected and worth flagging.
Instruction Scope
SKILL.md and start scripts instruct the agent/administrator to place a master Bailian API key in .env and run startup scripts. The runtime instructions remain within the proxy's purpose (init DB, start service, create users, generate usage reports). But startup scripts create a default admin user (and print its API key to stdout) and write data/log files under ./data and ./logs — these behaviors can expose credentials if not handled carefully.
Install Mechanism
No remote binary downloads or obscure installers are used — installation is standard Python package installation (pip) and optional Docker compose. This is a lower-risk install mechanism. There are no download-from-arbitrary-URL steps in the files provided.
Credentials
The skill actually requires sensitive environment variables (BAILIAN_API_KEY or BAILIAN_MASTER_KEY in assets, DATABASE_URL, SECRET_KEY, optional REDIS_URL) even though the registry lists none. The presence of a default weak SECRET_KEY ('change-me-in-production') and scripts that will create and print an admin API key increase exposure risk. Also there is an inconsistency in env var names across assets (assets/docker-compose.yml references BAILIAN_MASTER_KEY while docker-compose.yml and config.py use BAILIAN_API_KEY), which could cause secrets to be misconfigured or accidentally leaked.
Persistence & Privilege
The skill is not set to always:true and does not attempt to modify other skills. It does persist data (SQLite/MySQL files, logs) and may auto-create an admin user when started. Those are normal for a service, but creating and printing an admin API key by default is a privilege that requires operational caution.
What to consider before installing
Before installing, consider the following: (1) The code expects a Bailian/Alibaba master API key (BAILIAN_API_KEY or similar) and database credentials even though the registry metadata doesn't list required env vars — supply these carefully and only to an isolated instance. (2) Change SECRET_KEY from the default and secure the DB and log directories; logs and the start scripts can print or store API keys. (3) The start scripts may create a default admin user and print its API key — rotate/delete that key or set your own admin key after install. (4) There are inconsistent env var names in provided docker-compose assets (BAILIAN_MASTER_KEY vs BAILIAN_API_KEY); confirm which you use to avoid accidental disclosure. (5) Run the service in a network-isolated environment (or behind a firewall) and review the code yourself or with a trusted engineer before handing production credentials to it. If you need higher assurance, ask the author for provenance (source repo/homepage) or run it in a sandboxed environment first.Like a lobster shell, security has layers — review code before you run it.
latestvk9782q2684tnngzfppjpajvbrh83gkp6
License
MIT-0
Free to use, modify, and redistribute. No attribution required.