Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Gaoding Design
v2.0.0 · Gaoding Design (稿定设计) conversational design tool. Supports searching templates, selecting a template, editing copy, previewing and exporting the design. Covers posters, PPT decks, e-commerce product images, business cards and other everyday design scenarios.
⭐ 0 · 398 · 1 current · 1 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The skill legitimately needs browser automation (Playwright) to search, edit and export templates from gaoding.com and the code implements that. However the registry metadata at the top of the submission indicates no required env vars, while SKILL.md, README.md and the code require GAODING_USERNAME / GAODING_PASSWORD (and README also mentions ANTHROPIC_API_KEY and Feishu creds). This mismatch between declared registry requirements and the SKILL.md/README is an inconsistency that should be clarified.
Instruction Scope
Runtime instructions (SKILL.md and scripts) direct Playwright to automate login, click UI elements, take screenshots, export files and persist cookies under ~/.openclaw/skills/gaoding-design. Those actions are consistent with the stated purpose. Flags: the skill tells you to store GAODING_PASSWORD in a .env plaintext file and will automatically re-login using those credentials; it also persists cookies and exported images in your home directory. There are no instructions to read unrelated system files or to send data to unknown remote endpoints beyond gaoding.com (and optional Feishu integrations referenced in docs).
Install Mechanism
There is no formal install spec in the registry, but SKILL.md/README instruct manual installation via npm install followed by 'npx playwright install chromium'. Dependencies come from npm (playwright), and the Playwright step downloads a Chromium build: a common but non-trivial operation. No arbitrary download URLs or bundled executables from unknown hosts were found. The repository remote is an internal git URL (git@git.intra.gaoding.com) and package-lock resolves packages from the npmmirror registry rather than registry.npmjs.org; neither is inherently malicious, but both are worth noting for supply-chain context.
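As an added example (not code from the skill or from the ClawHub scan), the following POSIX shell function lists the registry hosts a package-lock.json resolves tarballs from, so a mirror such as npmmirror is visible before running npm install. The lockfile it runs against is constructed for the example and is not the skill's real lockfile.

```shell
#!/bin/sh
# Added example: surface the registries a lockfile pulls from.
# write_sample_lock() writes a constructed package-lock.json (not the
# skill's real file) so the example runs offline.

write_sample_lock() {
    cat > "$1" <<'EOF'
{
  "name": "sample-skill",
  "lockfileVersion": 3,
  "packages": {
    "node_modules/playwright": {
      "version": "0.0.0",
      "resolved": "https://registry.npmmirror.com/playwright/-/playwright-0.0.0.tgz"
    },
    "node_modules/dotenv": {
      "version": "0.0.0",
      "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-0.0.0.tgz"
    }
  }
}
EOF
}

# Print each distinct scheme://host found in "resolved" entries of the
# lockfile given as $1, one per line, sorted.
lockfile_registries() {
    sed -n 's/.*"resolved": *"\(https\{0,1\}:\/\/[^/"]*\)\/.*/\1/p' "$1" | sort -u
}

# Stand-alone run on the constructed sample.
tmp=$(mktemp)
write_sample_lock "$tmp"
lockfile_registries "$tmp"
rm -f "$tmp"
```

Run it against the skill's own package-lock.json instead of the sample to see every registry host that will be contacted; anything other than the registry you expect deserves a closer look before installing.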
Credentials
Requiring GAODING_USERNAME and GAODING_PASSWORD is proportionate for automating login to gaoding.com. However there are inconsistencies: top-level metadata claimed no required env vars, SKILL.md requires GAODING creds, and README also calls out ANTHROPIC_API_KEY and optional FEISHU_APP_ID/FEISHU_APP_SECRET (the latter two are not required by SKILL.md). The skill persists cookies and saves exported files under the user's home directory. Requiring and storing a plaintext password is a sensitive operation — users should only provide credentials they trust to be stored locally.
Persistence & Privilege
The skill does persist cookies and created export files under ~/.openclaw/skills/gaoding-design and maintains in-memory session state; it does not request always:true or try to modify other skills or global agent settings. Autonomous invocation (disable-model-invocation=false) is the platform default and not flagged by itself. The scope of persistence is limited to the skill's own directory.
What to consider before installing
- Clarify the declared requirements: the registry metadata lists no env vars but SKILL.md and the code require GAODING_USERNAME and GAODING_PASSWORD. Do not provide your primary account password until you trust the skill source. Consider using a disposable/test Gaoding account first.
- The skill uses Playwright and will download Chromium and run headless browser automation. That automation will store cookies (cookies.json) and exported images under ~/.openclaw/skills/gaoding-design. If you have sensitive data in your environment, isolate the install (e.g., in a VM or throwaway user account).
- README mentions Anthropic and Feishu credentials: Feishu is an optional integration, and ANTHROPIC_API_KEY is unrelated to core template search. Confirm which env vars are actually required for your use and remove unused secrets.
- Review auth.ts, export.ts and search code yourself or have a trusted developer do so: they implement auto-login (fills username/password), save cookies to disk, capture screenshots and perform downloads. Ensure there is no unexpected network exfiltration or hardcoded endpoints beyond gaoding.com.
- Check file permissions on the created .env, cookies.json and export files (chmod 600) to limit local exposure.
- If you proceed, run the included smoke-test in an isolated environment and monitor what files are created and which network endpoints are contacted. If anything looks different from gaoding.com or Feishu endpoints, abort and investigate.
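The two checks above (file permissions on the skill's local artifacts, and the hosts contacted during a smoke-test run) as a small POSIX shell script. This is an added example, not code from the skill or from the ClawHub scan; the skill directory path, the assumption that every file in it should be owner-only, the allowlist of gaoding.com and feishu.cn, and the sample host list are all assumptions drawn from the report above.

```shell
#!/bin/sh
# Added example: pre-install checks for the artifacts and endpoints the
# scan report describes. The allowlist and paths are assumptions.

# Hosts the report names as expected destinations (assumed allowlist).
ALLOWED_HOSTS="gaoding.com feishu.cn"

# Print "<path> <mode>" for each regular file under $1 whose mode is not 600.
find_loose_perms() {
    dir="$1"
    [ -d "$dir" ] || return 0
    find "$dir" -type f | sort | while read -r f; do
        # GNU stat first, BSD/macOS stat as a fallback.
        mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f")
        [ "$mode" = "600" ] || echo "$f $mode"
    done
}

# Restrict the directory to its owner and every file in it to mode 600.
harden_perms() {
    dir="$1"
    [ -d "$dir" ] || return 0
    chmod 700 "$dir"
    find "$dir" -type f -exec chmod 600 {} +
}

# Return 0 when $1 is an allowed host or a subdomain of one, else 1.
# A lookalike such as gaoding.com.example.org does not match.
host_allowed() {
    for allowed in $ALLOWED_HOSTS; do
        case "$1" in
            "$allowed"|*."$allowed") return 0 ;;
        esac
    done
    return 1
}

# Read hostnames, one per line (e.g. from DNS or proxy logs of the
# smoke-test run), on stdin and print those outside the allowlist.
unexpected_hosts() {
    while read -r host; do
        [ -n "$host" ] || continue
        host_allowed "$host" || echo "$host"
    done
}

# Stand-alone run: audit the skill directory (if present) and a
# constructed host list. Run harden_perms on the same directory to fix
# what the audit reports.
find_loose_perms "${HOME}/.openclaw/skills/gaoding-design"
printf 'api.gaoding.com\nopen.feishu.cn\nexfil.example.net\ngaoding.com.example.org\n' | unexpected_hosts
```

Feed unexpected_hosts the hostnames observed during the smoke-test (for example, from a local resolver log or a proxy the isolated environment is forced through); any line it prints is a destination the report did not account for and a reason to stop and investigate.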
Confidence: medium. The code appears coherent with its stated purpose, but the mismatched metadata and the multiple optional credential mentions increase the risk of misconfiguration or accidental credential exposure.
latest · vk97d7qy44fhzk0mf47r1fvynjd822qpf