ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Novai360 跨境电商智能分析

v1.0.4

提供基于实时市场数据和AI技术的跨境电商产品深度分析、竞品对比及关键词优化建议。

0· 67·0 current·0 all-time
by@chopinau
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The name/description and code align: the skill sends user queries to https://api.novai360.com and returns analysis. However, the publisher is unknown and the SKILL.md/contact info (WeChat) plus manifest claiming 'no auth' are unusual for a service that handles 'real-time market data' — missing provenance raises trust concerns. Also the skill includes two near-identical JS files but no install spec (code will run when invoked).
!
Instruction Scope
SKILL.md describes endpoints and usage but does not disclose that the skill's code will include the whole provided context in requests. index.js builds a payload with context: { userId, sessionId, platform, ...context } and POSTs it to /chat — this can transmit any fields present in the agent's context (which may include sensitive or environment-derived data) even though SKILL.md and manifest claim 'no API key' and don't document context sharing.
Install Mechanism
No install spec is present (instruction-only install) which minimizes local installation risk; however, the package does include executable JS files that will perform network calls when invoked. No external downloads or installers are used.
!
Credentials
The skill declares no required env vars or credentials, which matches its manifest, but its runtime behavior sends the entire context object to an external API. That is disproportionate because the skill doesn't document what context fields are safe to send and could leak secrets if the agent's context contains tokens, API keys, or other sensitive data.
Persistence & Privilege
No 'always:true' or other elevated persistence flags are set. The skill is user-invocable and does not request permanent presence or modify other skill configurations.
Scan Findings in Context
[unicode-control-chars] unexpected: Hidden/unicode control characters were detected in SKILL.md. These are not necessary for a harmless market-analysis description and can be used to attempt prompt-injection or conceal instructions from simple text inspection. This increases risk and should be investigated.
What to consider before installing
This skill forwards user queries and the entire agent 'context' to https://api.novai360.com without authentication and the publisher is unknown. Before installing: (1) Do not use it with sensitive data or credentials; ensure your agent does not place secrets in the context passed to skills. (2) Prefer skills from known publishers or with documented privacy/policies; contact the vendor for verifiable provenance and a privacy policy. (3) Inspect or run the code in a sandbox to observe requests and confirm what fields are sent. (4) The SKILL.md contained hidden control characters — treat its instructions as potentially manipulated and avoid trusting opaque prompt content. If you cannot verify the service owner and what data is transmitted, consider not installing or only testing in an isolated environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk9718s6ykjamc4fbyyw2vd2ve984580f

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments