ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

IPaaS VitePress Content Automation

v1.0.9

自动生成 B 端集成解决方案文档并安全部署至 VitePress 站点。

0· 56·0 current·0 all-time
byEvanChang@evan-ch
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (generate iPaaS docs and deploy to a VitePress site) matches the included files: a template, README, SKILL.md workflow, and a deploy.sh that builds and rsyncs the built site. Declared runtime binaries (pnpm, rsync, ssh) and env vars (SERVER_IP, REMOTE_DIR, REMOTE_USER, SERVER_PORT) in SKILL.md are appropriate for remote deployment. However, the registry metadata at the top of the skill packaging lists no required env vars or binaries — this mismatch between manifest-level requirements and the SKILL.md runtime requirements is an incoherence that could cause confusion at install/runtime.
Instruction Scope
The instructions are narrowly scoped to reading a template, writing docs, updating VitePress config, and invoking a shell deploy script. There is no instruction to read unrelated files or exfiltrate data. Two operational issues: SKILL.md says to run './scripts/deploy.sh' (plural 'scripts') but the repository contains 'script/deploy.sh' (singular) — that will cause the runtime instruction to fail unless corrected. The deploy workflow requires user-provided SERVER_IP/REMOTE_DIR and assumes SSH key auth; that is reasonable but must be validated by the installer.
Install Mechanism
There is no install specification (instruction-only), which minimizes installation risk. The included deploy.sh runs 'pnpm install' and 'pnpm run docs:build' — building will fetch packages from the network (npm registry), so the build step has network-side effects. No external or obfuscated download URLs are present in the package itself.
Credentials
Environment variables referenced (SERVER_IP, REMOTE_DIR, REMOTE_USER, SERVER_PORT) are proportional to the stated deployment purpose. The deploy script enforces required SERVER_IP and REMOTE_DIR and defaults others sensibly. The inconsistency is that the registry metadata header lists no required env vars while the SKILL.md includes them; confirm the platform will prompt for or enforce these variables before running. No unrelated secrets are requested.
Persistence & Privilege
The skill is not always:true and does not request persistent elevated privileges. The deploy script writes only to the target remote directory (and checks against system directories) and does not modify other skills or global agent settings. Autonomous invocation (disable-model-invocation: false) is normal and not a red flag here by itself.
What to consider before installing
This skill appears to do what it says (generate docs and deploy via rsync/SSH) but fix a few issues and check operational risks before using: - Fix the script path mismatch: SKILL.md calls ./scripts/deploy.sh but the repo has script/deploy.sh. Correct the path so the agent can run the deploy script. - Confirm the platform will surface and require the env vars (SERVER_IP and REMOTE_DIR). The package's top-level metadata lists no required env vars; ensure your agent will prompt for or inject them before running. - Understand the build step runs 'pnpm install' (network access to npm). If you run this in a sensitive environment, review package.json (not provided) and audit dependencies, or run the build in an isolated CI/staging environment. - Ensure SSH key-based auth is set up and known_hosts is populated as recommended (ssh-keyscan / ssh-copy-id). The script enforces SSH key auth and forbids syncing to common system directories, which is good. - Test in a non-production/staging server first to verify the generated docs and deployment behavior. If these points are resolved (correct script path, env vars handled, and you accept the network build step), the skill is reasonably coherent for its purpose. If you cannot correct or verify these issues, do not run it against production systems.

Like a lobster shell, security has layers — review code before you run it.

latestvk972g3mq5qgxhqpr61ea6v5w8h84v2cj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments