AI SMS Sending Tool
Review
Audited by ClawScan on May 10, 2026.
Overview
This skill appears to send Chuanglan SMS as advertised, but it can send paid or bulk texts and handles API credentials in ways that need review.
Install only if you need automated Chuanglan SMS sending. Use a dedicated low-quota API account, keep IP whitelisting enabled, avoid untrusted .env files, do not set CHANGLAN_API_URL unless you fully trust the endpoint, and require manual confirmation before any real or bulk SMS send.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1
Impact: A mistaken or overly broad agent invocation could send paid SMS messages to many recipients, causing cost, privacy, or reputation impact.
Evidence: The skill exposes a command that sends real SMS messages and documents bulk sending up to 1000 recipients, but the artifacts do not include confirmation, preview, rate-limit, spend-limit, or recipient-validation guidance.
    sms-send --phone <phone number> --template <template ID> [--vars '<variables JSON>']; for bulk sends, separate multiple phone numbers with commas, up to 1000
Recommendation: Require explicit user confirmation before every send, add a preview of recipients/template/variables, cap bulk recipient counts by default, and use account quotas or test credentials.
Finding 2
Impact: If the environment is misconfigured or influenced, the SMS account password could be sent to an unintended endpoint; local process listings or logs may also expose the request body while curl runs.
Evidence: The API password is embedded in the request body, the destination URL can be overridden by an undocumented environment variable, and the body is supplied to curl as a command-line argument.
    : "${CHANGLAN_API_URL:=https://smssh.253.com/msg/sms/v2/tpl/send}" ... "password": "${CHANGLAN_PASSWORD}" ... curl ... -d "${request_body}"
Recommendation: Pin or validate the official HTTPS API host, document any endpoint override, send the request body via stdin or a protected temporary file, and use a dedicated low-quota Chuanglan account with IP whitelist controls.
Finding 3
Impact: This is normal local configuration plumbing, but a tampered or untrusted .env file could run commands when the SMS command is used.
Evidence: The script loads .env with shell source, which executes shell syntax in that file rather than only parsing key/value credentials.
    if [[ -f "$ENV_FILE" ]]; then source "$ENV_FILE"; fi
Recommendation: Prefer OpenClaw secret storage or environment variables; if .env is used, keep it private and parse it as data rather than sourcing it as shell code.
Finding 4
Impact: Phone numbers and message-template variables will be shared with the SMS provider as part of sending messages.
Evidence: Recipient phone numbers, template IDs, and template variables are sent to the Chuanglan SMS provider API, which is expected for this skill but is still a third-party data flow.
    "phoneNumbers": "${phone}", "templateId": "${template}" ... curl -s -m 30 -X POST "${CHANGLAN_API_URL}"
Recommendation: Only send numbers and variables the user has approved, ensure recipient consent/compliance, and keep provider/account access limited to this purpose.
