byted-bp-cdn-pagesdeploy
SuspiciousAudited by ClawScan on May 13, 2026.
Overview
This skill mostly matches its deployment purpose, but its deploy script uses unsafe shell eval on deployment options, which could let crafted inputs run unintended local commands.
Review or patch scripts/deploy.sh before use, especially the eval-based update path. If you install it, use a dedicated limited-scope BytePlus / VolcEngine key, verify the @byteplus/nest package source or pin its version, avoid untrusted values for description/region/build command, and manually confirm any offline or delete operation.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malicious or accidentally crafted deployment request could execute unwanted commands on the user's machine under the user's account.
DESC and REGION are parsed from command-line options, concatenated into a shell string, and executed with eval. A crafted description or region value containing shell metacharacters could run local commands during an update.
[[ -n "$DESC" ]] && update_args="$update_args --description '$DESC'" [[ -n "$REGION" ]] && update_args="$update_args --region $REGION" ... eval "$NEST pages update -p $pages_id $update_args" || true
Remove eval, pass arguments using Bash arrays with proper quoting, validate region against allowed values, and only run explicit build commands after clear user approval.
The skill may install and run external CLI code that can change over time.
The script fetches an unpinned npm package at runtime. This is central to the stated deployment purpose, but it means first run depends on the current npm package contents and registry trust.
npm install @byteplus/nest --prefix "$install_dir" 2>/dev/null
Install the official BytePlus CLI from a trusted source, prefer a pinned version, and review package provenance before use.
Anyone or any process using the configured CLI may be able to act on the linked BytePlus / VolcEngine account within the key's permissions.
The skill requires provider credentials and stores them in the provider CLI configuration. This is expected for deploying to BytePlus / VolcEngine, but it grants account authority to create, update, and manage Pages resources.
Requires BytePlus / VolcEngine Access Key and Secret Key ... nest config set -g cloud.access_key YOUR_AK && nest config set -g cloud.secret_key YOUR_SK
Use a dedicated, least-privilege access key for Pages deployment and rotate or remove it when no longer needed.
Using the wrong project ID could take a public site offline or delete a Pages project.
The management script can take a Pages project offline or delete it. These actions are purpose-aligned and scoped by project ID, and delete asks for confirmation, but they are high-impact cloud mutations.
$NEST pages offline --pages "$PAGES" ... read -p "Are you sure you want to delete $PAGES? [y/N] " confirm [[ "$confirm" =~ ^[yY] ]] && $NEST pages delete --pages "$PAGES" || echo "Cancelled"
Review the project ID before running offline or delete commands, and do not let the agent perform destructive operations without explicit confirmation.