Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
企雀AI助手
v1.0.0Use this skill when an agent needs to answer or plan operations for QiQue business requests in pure text protocol mode (no local executable dependency). Trig...
⭐ 0· 54·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill's name/description match QiQue API helper behavior, but the declared registry metadata lists no required config paths or credentials while the SKILL.md explicitly requires loading/saving credentials from config/qique.config.json. That mismatch (declared requirements: none vs runtime: requires config keys app_id/app_secret/distribution_*) is incoherent. The repo also contains a populated distribution_app_secret in config/qique.config.json, which implies the skill embeds an operational secret rather than relying solely on user-provided credentials.
Instruction Scope
The SKILL.md instructs the agent to (a) load credentials from config/qique.config.json or session state, (b) persist credentials between turns (store/overwrite them), and (c) request app_id/app_secret from the user when missing. These instructions cause the agent to read and store secrets and do not specify secure storage boundaries or limits on retention. The skill does not instruct the agent to send credentials to any unexpected remote endpoint, but the instruction to persist secrets in agent memory/config is broad and under-specified.
Install Mechanism
No install spec and no code files to execute — the skill is instruction-only. This minimizes installation risk because nothing is downloaded or executed at install time.
Credentials
No environment variables or config paths were declared in the registry metadata, but the instructions require reading config/qique.config.json and retaining app_id/app_secret and distribution_* values. The repository includes a cleartext distribution_app_secret value — embedding a secret in the skill package is unnecessary for a third-party consumer and increases risk. Asking users to input their app_id/app_secret and then persist them in agent state is disproportionate unless the user understands where and how those secrets will be stored and protected.
Persistence & Privilege
The skill requires keeping credentials persistent between turns and overwriting them when the user provides new values. While always:false (normal), the explicit instruction to persist secrets and reuse them across sessions grants the skill effective long-term access to user credentials unless the platform enforces secure storage and access controls. The SKILL.md gives no constraints on retention, encryption, or scope of reuse.
What to consider before installing
This skill appears to be an instruction-only QiQue API helper, but it asks the agent to load and persist API credentials from config/qique.config.json and to prompt you for app_id/app_secret. The package also contains a cleartext distribution_app_secret. Before installing or using this skill:
- Do not paste your production app_secret into the agent until you confirm where/how the credentials will be stored (encrypted storage, retention policy, who can access them).
- Prefer creating a limited-scope or temporary/test QiQue API key for use with this skill, and rotate/revoke it after testing.
- Ask the skill author (or registry) to declare required config paths/credentials explicitly in the metadata and to remove embedded secrets from the package.
- Confirm that your platform's agent storage will not expose persisted secrets to other skills or logs.
- If you cannot verify secure storage and the trustworthiness of the skill source, do not provide real credentials; use test credentials only.
Given the metadata/instruction mismatch and embedded secret, treat this skill as potentially risky until the above clarifications are provided.Like a lobster shell, security has layers — review code before you run it.
latestvk9719z4mt24eb2skah5zs1kvns83jph0
License
MIT-0
Free to use, modify, and redistribute. No attribution required.