ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Alicloud Platform Openapi Product Api Discovery

v1.0.2

Discover and reconcile Alibaba Cloud product catalogs from Ticket System, Support & Service, and BSS OpenAPI; fetch OpenAPI product/version/API metadata; and...

0· 1k·2 current·2 all-time
by@cinience
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The scripts implement exactly what the skill description says: pulling product lists from Ticket System, Support & Service, BSS OpenAPI, and the OpenAPI metadata endpoints. The required Alibaba Cloud credentials (ALICLOUD_ACCESS_KEY_ID, ALICLOUD_ACCESS_KEY_SECRET, optional tokens, and service-specific endpoint/group env vars) are reasonable for this purpose. However, the registry metadata claims "Required env vars: none" and "Primary credential: none", which is inconsistent with the SKILL.md and the scripts that require cloud credentials and service endpoints.
Instruction Scope
The SKILL.md gives an explicit, narrow workflow (run the bundled Python scripts, save outputs under output/). All scripts operate on network endpoints (aliyun API/meta endpoints) and write to the output/ tree. One optional script (analyze_products_vs_skills.py) reads local files under the 'skills' directory to compare products to existing skills — that accesses other local SKILL.md files, which is within the stated 'compare vs existing skills' feature but may be surprising if you don't expect the skill to scan your repository.
Install Mechanism
This is instruction-only with bundled scripts (no install spec). It will run with the system Python and optionally requires the official aliyun Python SDK (aliyun-python-sdk-core) which the scripts check for and ask you to pip install if missing. No remote arbitrary installers or unknown download URLs are used; network calls are to documented aliyun endpoints.
!
Credentials
The scripts require sensitive credentials (ALICLOUD_ACCESS_KEY_ID, ALICLOUD_ACCESS_KEY_SECRET and optional STS tokens) and service-specific env vars (TICKET_ENDPOINT, SUPPORT_ENDPOINT, SUPPORT_GROUP_ID, etc.), which are proportionate to calling the relevant Alibaba Cloud APIs. The concern is that the registry metadata does not declare these required env vars; that omission could lead users to install/run the skill without realizing they must provide credentials. Also the scripts will read the local 'skills' tree (analyze step), which may expose local content to the tool’s output files.
Persistence & Privilege
The skill is not marked always:true and does not request permanent presence or attempt to modify other skills or global agent settings. It only writes outputs under output/ as documented. Autonomous invocation is allowed (platform default) but not a new concern here.
What to consider before installing
This skill appears to do what it says (discover Alibaba Cloud products/APIs) and legitimately requires Alibaba Cloud API credentials and some service endpoints. Before installing or running it: - Expect to provide ALICLOUD_ACCESS_KEY_ID and ALICLOUD_ACCESS_KEY_SECRET (prefer short-lived STS tokens and least-privilege roles). The registry metadata incorrectly lists no required env vars—do not trust that field. - Inspect the bundled scripts yourself (they are included) and run them in an isolated environment or container. They only call documented aliyun endpoints (api.aliyun.com and service domains) and write under output/. - Note the optional analyze_products_vs_skills.py will read files under a local 'skills' directory to compare coverage; if that is sensitive, avoid running that step or run it in a copied/filtered workspace. - The scripts check for and may require installing aliyun-python-sdk-core via pip; only install packages from trusted sources. - Use least-privilege credentials and monitor network/file outputs. If you want higher assurance, ask the publisher for a manifest listing required env vars and a brief explanation of which calls are read-only vs mutating (the SKILL.md already says to ask before running mutating operations).

Like a lobster shell, security has layers — review code before you run it.

latestvk97f9y3mjjcm4t9b4pk3v0p7cn82pz05

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments