Kingdee ERP Sales Order Execution Status Query (金蝶ERP销售订单执行情况查询)
Warn: Audited by ClawScan on May 12, 2026.
Overview
This skill hardcodes credentials for a remote ERP database and allows broad SQL querying of business and financial data.
Do not install or use this skill with the embedded database password. Ask the publisher to remove and rotate the credential, declare credential requirements properly, and provide a scoped read-only setup with query safeguards before using it on real ERP data.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone with the skill contents could connect to the ERP database and access sensitive business, financial, customer, supplier, employee, or account data.
The skill publishes a remote ERP database host, username, password, and database name directly in its documentation, while the registry metadata declares no credentials.
主机: 111.198.79.26 ... 用户: cosmic ... 密码: [hardcoded value] ... 数据库: yyzl202501
Remove and rotate the embedded password, require users to provide their own credentials through declared secrets or environment variables, and use a least-privileged read-only database role scoped to the needed tables.
An agent or user could run overly broad, expensive, or unintended SQL against a production-like ERP database; if the account is not actually read-only, the same path could allow unsafe changes.
The helper executes arbitrary SQL against the configured ERP database and fetches all rows when no limit is supplied, without enforcing SELECT-only queries, allowed tables, row limits, or approval gates.
def execute_query(self, sql, params=None, limit=None): ... cursor.execute(sql, params or ()) ... rows = cursor.fetchall()
Constrain the helper to validated read-only SELECT statements, enforce default limits and date filters, restrict allowed schemas/tables, and require explicit user confirmation for custom SQL.
