Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
odps-sql
v1.0.1
Use this skill when the user wants to query, analyze, or explore data in Alibaba Cloud ODPS (MaxCompute / 阿里云大数据计算服务). This skill executes SQL queries, lists...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence

Purpose & Capability
The skill's name, description, and provided scripts all consistently target Alibaba Cloud ODPS (MaxCompute) and require Alibaba credentials — that is appropriate for the stated purpose. However, the registry/SKILL.md declares env var names (ALIYUN_ACCESS_ID, ALIYUN_ACCESS_SECRET, ALIYUN_PROJECT_NAME, ALIYUN_END_POINT) and the config.example.env uses those names, while the runnable script (scripts/odps_helper.py) expects different env var names (ALIYUN_ACCESS_KEY_ID, ALIYUN_ACCESS_KEY_SECRET, ALIYUN_ODPS_PROJECT, ALIYUN_ODPS_ENDPOINT). This mismatch is an incoherence between the declared requirements and the code the skill will actually run.
Instruction Scope
SKILL.md provides a focused, limited workflow: create a .env with credentials, install pyodps, and run the helper script to list tables, describe schemas, or execute queries. The instructions do not request unrelated files or secrets and emphasize partition filters / limits to avoid full scans. The script loads a .env from the current working directory or the skill parent dir and only accesses ODPS via the pyodps library. No external endpoints beyond ODPS are contacted. The main concern is that following the SKILL.md as-written may still fail because of the env-name mismatch.
Install Mechanism
No automated install spec is provided (instruction-only install). The README instructs the user to pip install pyodps; this is a standard, low-risk dependency installation step and there are no archive downloads or arbitrary remote installs embedded in the skill package.
Credentials
The set of required environment variables (Alibaba Cloud access key/secret, project, endpoint) is proportionate for a tool that connects to ODPS. However, the declared/advertised env var names differ from the names the script actually reads. The registry and config.example.env use ALIYUN_ACCESS_ID / ALIYUN_ACCESS_SECRET / ALIYUN_PROJECT_NAME / ALIYUN_END_POINT, while the script expects ALIYUN_ACCESS_KEY_ID / ALIYUN_ACCESS_KEY_SECRET / ALIYUN_ODPS_PROJECT / ALIYUN_ODPS_ENDPOINT. This mismatch can cause the script to report missing credentials even when the user has filled in the .env per the instructions, increasing the chance of confusion and accidental credential mishandling.
Persistence & Privilege
The skill does not request persistent special privileges; always:false and default model invocation settings are used. The skill is instruction-only with no install-time changes to system-wide config. It reads a .env file and environment variables but does not attempt to modify other skills or system configuration.
What to consider before installing
This skill appears to do what it says (run queries against Alibaba ODPS) but the declared env variable names in the skill metadata and config template do not match the env names the included Python script actually reads. Before installing or handing over real credentials:
- Inspect scripts/odps_helper.py and decide which env var naming you want to use. Either: (a) set the env vars the script expects (ALIYUN_ACCESS_KEY_ID, ALIYUN_ACCESS_KEY_SECRET, ALIYUN_ODPS_PROJECT, ALIYUN_ODPS_ENDPOINT), or (b) edit the script to read the env names from config.example.env / SKILL.md (or update the .env).
- Use a dedicated, least-privilege Alibaba key (read-only / limited to the specific project) when testing. Never reuse high-privilege keys.
- Test the script locally in an isolated virtualenv and verify it connects to the expected ODPS endpoint before using it in production.
- Do not commit the filled .env to source control; follow the README note. Rotate keys if you accidentally exposed them.
If you want higher assurance, ask the skill author to reconcile the env var naming and update SKILL.md/config.example.env to match the script (or vice versa) and to provide a short test run log demonstrating a successful connection using a non-sensitive test account.

latest: vk97dv9evjy9gefpxp14sk33v6582vp51
Runtime requirements
Bins: python
Env: ALIYUN_ACCESS_ID, ALIYUN_ACCESS_SECRET, ALIYUN_PROJECT_NAME, ALIYUN_END_POINT
