Pharmaceutical Bidding

v1.0.0

Automatically collects, verifies, and evaluates pharmaceutical system bidding info from provincial sites daily, updating WeChat Work tables with actionable o...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description match the code and SKILL.md: code performs web scraping/collection, filtering, evaluation, and posts to WeChat Work. Included dependencies (axios, cheerio, puppeteer) are plausible for scraping and the WeChat API integration is present.
Instruction Scope
SKILL.md instructs scraping provincial procurement sites, doing secondary search, and writing to WeChat Work — the code implements these workflows (search, filter, evaluate, post). Some key functions referenced in main.js (searchWebsite, searchEngineEnhance) are placeholders/not present in the provided file, indicating incomplete implementation rather than covert behaviour. The instructions allow arbitrary web searches and scraping, which will cause outbound network calls as expected.
Install Mechanism
No install spec is provided (instruction-only install), so nothing is pulled during install by the platform. However the package.json and package-lock are present and declare significant npm dependencies (including puppeteer). If you run npm install locally, that will fetch many packages from public registries — expected for scraping but higher footprint than a minimal script.
Credentials
The skill does not declare required env vars but expects secrets in config.json (wechatWork.apiToken, corpId/corpSecret, token, encodingAESKey). More importantly, validate-wecom-config.js searches for an openclaw.json at paths outside the skill directory (../../openclaw.json and ../../../openclaw.json) and will read it if present. That means the skill includes code that attempts to access workspace/global configuration which may contain other channel tokens or sensitive platform credentials — this access is not justified by the stated purpose and is disproportionate.
Persistence & Privilege
always is false and autonomous invocation is allowed (default). The skill schedules a daily job via node-cron when started and the provided crontab.txt demonstrates adding a cron entry if a user writes it. The code does not modify other skills' configs, but the validate-wecom-config.js file tries to read config files outside the skill folder — this cross-scope file access increases potential blast radius and should be restricted.
What to consider before installing
This skill mostly does what it says: scrapes procurement sites, evaluates bids, and posts to WeChat Work. Before installing or running it:
1) Do not commit real secrets (apiToken, corpSecret, token, encodingAESKey) into config.json in source control — store them in an environment or secure vault instead.
2) Remove or edit validate-wecom-config.js if you do not want the skill to read workspace/global configs (it looks for openclaw.json outside the skill folder and will read it); that behaviour is unnecessary for core functionality and could expose unrelated credentials.
3) Run npm install and review the installed packages locally (puppeteer is large and will download browsers).
4) Run the skill in an isolated environment (container or VM) and restrict its network access if you need to limit external calls.
5) Consider rotating/invalidating any secrets used for testing after validation.
If you want, I can point to the exact lines that read openclaw.json and suggest a safe patch to limit file access.
