Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
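Ride-Hailing Booking
v1.0.0
Enterprise car service assistant supporting on-demand rides, scheduled rides, airport transfers, chartered cars, and other ride scenarios, with vehicle type selection, fare estimation, and order management. Invoke when user needs to book a car, schedule a ride, airport transfer, or manage car service orders.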
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (企业用车服务, "enterprise car service") matches the code's functions (estimate, request, schedule, airport booking, cancel, format). However, SKILL.md explicitly states '必须调用真实用车平台API获取价格和可用车辆' ("must call a real ride-hailing platform API to obtain prices and available vehicles"), while the bundled Python implementation uses simulated data (random distance, in-code driver DB) and does not call any external ride-platform APIs or request API credentials. The claimed operation and the actual implementation are inconsistent.
Instruction Scope
SKILL.md provides detailed inputs/outputs and UI text and does not instruct the agent to read arbitrary system files or unrelated credentials. However the SKILL.md contains a detected 'unicode-control-chars' injection signal (prompt-injection pattern) and it mandates contacting real platform APIs (contradicted by local simulation). The presence of control characters in the runtime instructions is suspicious and could attempt to manipulate model behavior.
Install Mechanism
No install spec (instruction-only) and required binary is just python3. There are two included .py files but nothing is downloaded from external URLs or installed automatically — low install risk.
Credentials
SKILL.md insists on using '真实用车平台API' ("real ride-hailing platform API"), which normally requires API keys/credentials, but requires.env is empty and the code doesn't accept or use any external credentials. If the skill were to call real provider APIs, it should declare and request those credentials; the absence of any credential handling is an inconsistency.
Persistence & Privilege
Skill is not always-included (always:false) and does not request elevated persistence or modify other skills/config. Default autonomous invocation is allowed (platform default) but is not by itself a new risk here.
Scan Findings in Context
[unicode-control-chars] unexpected: Control-character prompt-injection patterns were detected inside SKILL.md. This is not expected for a straightforward service description and may attempt to influence model evaluation or runtime behavior. The code files themselves appear to be normal local implementations with no external network calls.
What to consider before installing
This skill claims it must call real ride-hailing platform APIs, but the included Python code only simulates behavior (random distances, in-file driver data) and does not accept or request any API keys. That is a mismatch. Additionally, SKILL.md contains detected unicode control characters, which look like a prompt-injection artifact. Before installing or enabling this skill:
1) ask the author whether this is a mock/placeholder or production-ready connector;
2) require the skill to explicitly declare which external APIs it will call and which credentials it needs (and ensure secure secret storage);
3) review any changes that would add network calls (endpoints, URLs) and validate they come from trusted providers;
4) remove or investigate the control characters in SKILL.md and re-run security review;
5) run the skill in a sandboxed environment and test with non-sensitive data first.
If you need a production integration, prefer a version that explicitly implements and documents secure API authentication and endpoints.
Like a lobster shell, security has layers: review code before you run it.
latest: vk976vz5s0ryc0373ccfztdj38s83zj1f
Runtime requirements
🚗 Clawdis
Bins: python3
