Skill v1.0.10
ClawScan security
Tencent Cloud Infra · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 2, 2026, 10:19 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requests, scripts, and instructions are coherent with a full-featured Tencent Cloud tccli helper; it does not ask for unrelated credentials or install arbitrary remote code, but it will create and store OAuth/API credentials on disk and can perform cloud write operations when you instruct it to — review and consent before running those steps.
- Guidance
- This skill appears to do what it claims: it's a tccli-based Tencent Cloud toolbox with helper scripts. Before installing/using it: 1) Review the two included scripts (whoami.sh and tccli-oauth-helper.py) — they are plain and readable; the OAuth helper will POST tokens to a tccli-related endpoint to obtain temporary creds and will write credentials to ~/.tccli/<profile>.credential. 2) Prefer OAuth (temporary creds) as the SKILL advises; avoid using long-lived AK/SK unless you understand the risk. 3) Be careful when the assistant asks to execute any Create/Modify/Delete commands (instances, disks, firewall rules, domain purchases, TAT remote commands) — those will change your cloud account and/or bill you. 4) Only run whoami.sh on an actual Tencent Cloud instance (it reads the internal metadata endpoint). 5) If you are not comfortable with the skill writing credentials to disk or executing remote-write tccli commands, decline those steps or require explicit confirmation before any write operation.
Review Dimensions
- Purpose & Capability
- ok
- Name/description (unified Tencent Cloud operations via tccli) matches the included materials: many tccli command examples, product-specific references, a whoami script and an OAuth helper are appropriate and expected for a cloud-management skill.
- Instruction Scope
- note
- SKILL.md consistently instructs the agent to use tccli and the included helper scripts; it also contains many procedures that perform destructive or billing-affecting operations (CreateInstances, CreateDisks, AttachDisks, firewall modifications, TAT RunCommand, domain purchases). The SKILL.md explicitly prefers queries and asks for confirmation before modifications — however, the references include the exact tccli commands to perform writes. The whoami flow uses an included script that queries instance metadata (internal endpoint), which is expected; the SKILL does not instruct the agent to read unrelated local files.
- Install Mechanism
- ok
- No risky external downloads or extract-and-run URLs. The metadata indicates installing the well-known 'tccli' Python package via pip (standard). The code files provided are plain scripts included in the skill bundle (no hidden remote fetch).
- Credentials
- note
- The skill declares no required env vars or primary credential, which is consistent, but many reference workflows will require either OAuth temporary credentials or AK/SK (and the helper script writes OAuth credentials to ~/.tccli/<profile>.credential). The presence of commands that suggest exporting TENCENTCLOUD_SECRET_ID/SECRET_KEY for some flows is expected for cloud management; these are not requested up-front by the skill but will be necessary for certain operations.
- Persistence & Privilege
- note
- Skill is not always-enabled and does not request elevated platform privileges. However, the included tccli-oauth-helper.py will save credentials to the user's home directory (~/.tccli/*.credential) when used, and some referenced flows (TAT RunCommand, instance creation, domain purchase, disk attach) can perform persistent or account-affecting actions when executed with valid credentials — the skill itself does not force these actions but provides the exact commands.
