Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Kuaidi Query
v1.0.3 · Query logistics tracking information via Track123 API
⭐ 0 · 229 · 2 current · 2 all-time
by @djttt
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
Name and description align with the included code: the script calls Track123 endpoints to query tracking information and lists supported carriers. However, the package ships a populated config.json containing an API key/secret. The README instructs users to create their own config.json from config.example.json, so bundling a populated config.json is inconsistent with the docs and unnecessary for the stated purpose.
Instruction Scope
SKILL.md instructions are narrowly scoped to configuring an API key and running the Node script. They do not ask for unrelated files or system data. There is, however, a contradiction: the docs show fields named app_key/app_secret and API v2.1 endpoints, while the scripts use api_secret, a v2 base path, and a Track123-Api-Secret header. That mismatch could cause confusion or unexpected credential use.
Install Mechanism
No install spec; this is an instruction-plus-script skill that depends only on axios (a standard npm package). All dependencies come from npm (package-lock.json is present). No arbitrary remote downloads or extract-from-URL operations were found.
Credentials
The skill does not request environment variables, which is fine, but the repository includes a ready-made config.json with what appear to be Track123 credentials (app_key/api_secret). Shipping a populated secret in the repo is disproportionate and risky: if the key is valid, it may be a real, active credential that allows usage (and rate/billing consumption) under someone else's account, or that exposes that account.
Persistence & Privilege
The skill runs as a normal CLI script, reads and writes a local .cache.json in the skill directory to implement caching, and does not request elevated or cross-skill persistence. The always flag is false, and the skill does not modify other skills or global agent settings.
What to consider before installing
This skill appears to do what it says (query Track123), but the repository includes a populated config.json with an API key-like value — contradicting its own advice to create your own config and keep keys private. Before installing or running:
(1) Treat the bundled config.json as potentially sensitive/active and do not assume it is a harmless placeholder. Replace it with your own Track123 credentials (from a secure location) or remove it.
(2) Do not commit any API keys to public repos.
(3) Review the script's network calls (it posts to api.track123.com) and run it in a sandbox if you are concerned about using an unknown credential.
(4) Note the documentation/code mismatches (app_key vs api_secret, v2.1 vs v2); verify behavior against the Track123 documentation or test with your own key.
If you need high assurance that the included key is inert, ask the publisher to confirm it is a dummy key and to remove it from the package.
scripts/query.js:68
File read combined with network send (possible exfiltration).
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.
