Domain Check
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: domain-check Version: 1.0.0 The skill is classified as suspicious due to its explicit instructions to read a sensitive Vercel API token from `~/.local/share/com.vercel.cli/auth.json` and use it in `curl` commands to interact with the Vercel API, as detailed in `SKILL.md`. Additionally, the skill demonstrates the use of `exec` with `pty: true` for interactive `npx vercel` CLI commands, granting powerful shell access. While these actions are presented as necessary for the skill's stated purpose (Vercel domain management), the direct handling of sensitive credentials and the capability for arbitrary shell execution represent significant attack surfaces and potential for misuse if the agent were compromised or given malicious instructions, thus posing a vulnerability risk rather than clear malicious intent.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked carelessly, the agent could spend money or change domain ownership/configuration on the user's Vercel account.
The skill provides a raw API call that can purchase a domain using the user's Vercel token. Unlike the CLI purchase path, this API example does not include an artifact-level confirmation requirement before a billing/account mutation.
# Buy via API
curl -s -X POST "https://api.vercel.com/v1/registrar/domains${TEAM_PARAM}" ... -d '{"name": "example.com"}'Require explicit user confirmation before any buy, add, move, transfer, or remove operation, and prefer the interactive Vercel CLI purchase flow for charges.
The agent may act with the same Vercel permissions as the logged-in CLI user, including billing-related and team-domain actions.
The skill uses a local Vercel CLI auth token and team configuration to act on a personal or team account, while the registry metadata declares no credential or config-path requirement.
Requires Vercel CLI authentication (`npx vercel login`). Token is read from `~/.local/share/com.vercel.cli/auth.json`.
Declare the Vercel credential/config dependency, confirm the selected account or team before use, and use the least-privileged token or workflow available.
Users may run tools that were not installed or pinned by the skill package, especially `npx vercel`, which depends on the local npm/Vercel CLI environment.
The registry metadata does not declare runtime dependencies, yet SKILL.md tells users to run external commands such as `domain-check`, `npx vercel`, `jq`, and `curl`.
Required binaries (all must exist): none; Install specifications: No install spec — this is an instruction-only skill.
Document required binaries and versions, and advise users to install or verify the official Vercel CLI before running account-changing commands.