Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
查看学邦数据。用于登录学邦后台并读取首页今日经营数据与待办数据。
v1.0.1查看学邦数据。用于登录学邦后台并读取首页今日经营数据与待办数据。 Use this skill when the user wants to: - 查看学邦今日数据 - 查看学邦数据 - 学邦今日数据 - 学邦数据 - 查看校区今日经营数据 Triggers: 学邦, 今日数据,经营数据,待办数据,校区数据
⭐ 0· 94·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill's purpose (viewing EDU.BOSS dashboard data) reasonably requires user credentials and browser automation, which the SKILL.md describes. However, the manifest declares no primary credential or required config paths while the instructions explicitly require storing and later reading login credentials from a local file (workspace/TOOLS.md). This is an incoherence between declared requirements and actual needed capabilities.
Instruction Scope
SKILL.md gives exact browser automation steps and explicitly directs the agent to prompt for account and password and then write them to a local note (workspace/TOOLS.md) for later reuse. That means the skill instructs the agent to read/write a local file containing secrets; this is beyond just transient use of credentials and not declared in the manifest. The steps also permit automatic reuse of stored credentials unless the user requests 'do not save'.
Install Mechanism
No install spec and no code files — instruction-only skill. Low disk/write/install footprint from a package-install perspective.
Credentials
No environment variables or credentials are declared in the manifest, yet the runtime instructions require account and password input and persistent storage in workspace/TOOLS.md. The manifest should declare any required config paths/credential usage. Persistently storing plaintext credentials in a note file is disproportionate and risky compared with alternatives (secure vault, platform secret store).
Persistence & Privilege
always is false (normal). The skill requests persistent storage of user credentials in a local file for future runs; this grants it ongoing access to sensitive data on disk. It does not request system-wide privileges or modify other skills, but persistent credential storage combined with autonomous invocation capability increases the blast radius if the agent is permitted to run this skill without user confirmation.
What to consider before installing
This skill will ask you for your EDU.BOSS login and (by default) store the account and password in a local file (workspace/TOOLS.md) for reuse. The manifest does not declare that file path or any credential requirement, which is a mismatch you should question. Before installing or using: (1) Ask where 'workspace/TOOLS.md' is stored and how it is protected; refuse or disable persistent saving if you prefer. (2) Prefer using a secure secrets/vault mechanism rather than a plaintext note; request that the skill be modified to use secure storage or only accept one-time credentials. (3) If possible, test with a low-privilege or throwaway EDU.BOSS account. (4) Require explicit consent each time the skill runs if you do not want automatic reuse of stored credentials. These mitigations reduce the risk of unintended credential exposure.Like a lobster shell, security has layers — review code before you run it.
latestvk974rwn6ge2hqfd1hyksmk8yzd83d280
License
MIT-0
Free to use, modify, and redistribute. No attribution required.