Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Aliyun Milvus Search
v1.0.0Use when working with AliCloud Milvus (serverless) with PyMilvus to create collections, insert vectors, and run filtered similarity search. Optimized for Cla...
⭐ 0· 31·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The code and SKILL.md match the stated purpose: they use PyMilvus to create collections, insert vectors, and run searches against an AliCloud Milvus endpoint. The requested artifacts (MILVUS_URI, MILVUS_TOKEN, MILVUS_DB, optional collection/dimension env vars) are appropriate for that functionality. However, the registry metadata lists no required environment variables even though the runtime instructions and script require credentials — a transparency mismatch.
Instruction Scope
SKILL.md and scripts stay within the declared scope: they instruct installing pymilvus, reading MILVUS_* env vars, performing a minimal read call, then running create/insert/search operations and saving local output under output/aliyun-milvus-search. There are no instructions to read unrelated system files, phone home to unknown endpoints, or exfiltrate data to third-party services.
Install Mechanism
This is an instruction-only skill with a small helper script. It recommends installing pymilvus via pip (in a virtualenv) — a standard, low-risk approach. There is no bundled download from arbitrary URLs or other installation of external binaries.
Credentials
The runtime requires MILVUS_URI and MILVUS_TOKEN (credentials) and optionally MILVUS_DB, MILVUS_COLLECTION, MILVUS_DIMENSION. Those variables are proportional to the stated purpose. The concern is that the skill registry declares no required environment variables or primary credential — meaning the manifest underreports the credential requirements. Supplying MILVUS_TOKEN grants access to your Milvus instance; ensure you do not provide production/global credentials and prefer scoped or temporary credentials.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide settings. It writes outputs locally under an output/ directory which is normal. Note: the agent is allowed autonomous invocation by default (disable-model-invocation is false). Combined with credential access this increases blast radius, but autonomous invocation alone is platform default and not a sole reason for rejection.
What to consider before installing
This skill appears to do what it claims (connect and operate on AliCloud Milvus via PyMilvus), but pay attention before supplying credentials. The registry metadata does not list the environment variables the script actually requires (MILVUS_URI and MILVUS_TOKEN), so: 1) do not run this with long-lived or production credentials — create scoped or temporary credentials for testing; 2) run first in an isolated environment (local VM or test account) and in a virtualenv as recommended; 3) verify network access (VPC or public endpoint) and that the token has least privilege required for the operations you want; 4) check the pymilvus version and audit the quickstart.py source if you need stricter assurance; 5) consider whether you want the agent to be allowed to invoke this autonomously while having access to environment variables — if not, avoid giving the agent persistent environment access or disable autonomous invocation for this skill. Finally, ask the publisher (or registry) to correct the manifest to explicitly declare required env vars so you can make an informed decision.Like a lobster shell, security has layers — review code before you run it.
latestvk970mrh2yeqn2n247snj2dyt25840z8z
License
MIT-0
Free to use, modify, and redistribute. No attribution required.