Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
陈列货盘分析 (Display Assortment Analysis)
v1.0.0 Display assortment analysis tool. Analyzes, from the assortment's perspective, which products trigger customer interest and how trial behavior changes. Core capabilities: 1. Three-funnel cross analysis (displayFunnel displayed SKUs + behaviorFunnel trial count + customerFunnel customers) 2. Changes in interest-triggering products (number of interest-triggering SKUs, share of interest-triggering SKUs) 3. Customers' trials of products of interest...
by Xtechmerge.AI @gwyang7
License: MIT-0
Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
Medium confidence
Purpose & Capability
The skill's name, description, SKILL.md, and analyze.py are coherent: they implement store/assortment funnel analysis and call a BI endpoint (/api/v1/store/dashboard/bi). However, analyze.py imports get_copilot_data from an absolute local path (/Users/yangguangwei/.openclaw/workspace-front-door/api_client) that is not included in the skill bundle. Requiring an external local client without declaring it is an unexplained dependency.
Instruction Scope
SKILL.md and analyze.py instruct the agent to fetch BI data and compute metrics only — they do not ask the agent to read arbitrary unrelated files. BUT analyze.py will import and run code from a user-local api_client module, which may execute network requests or access credentials. The SKILL.md does not instruct how to provide the API host/credentials or explain what get_copilot_data does, giving the agent broad implicit discretion to use whatever that client does.
Install Mechanism
There is no install spec and no external downloads; the skill is instruction-plus-source only. That is lower risk than remote installers. The risk arises from relying on a local module outside the bundle rather than from an installer.
Credentials
The skill makes network calls to a BI endpoint but declares no required environment variables or credentials. This is disproportionate: either the skill should declare the API credential(s) it needs (and their minimal scopes) or include a self-contained client. As-is, it implicitly depends on existing local authentication (e.g., a token used by api_client), which may cause silent use of broader credentials than expected.
Persistence & Privilege
The skill does not request always: true and does not modify agent configs, which is good. However, importing and executing code from a hard-coded absolute path in a user's home directory allows that external code to run with the agent's privileges at runtime — effectively elevating the skill to execute arbitrary locally-hosted code. That is a notable privilege risk and should be explicitly addressed.
What to consider before installing
This skill appears to implement the claimed assortment/funnel analysis, but it depends on an external local module (imported from /Users/yangguangwei/.openclaw/workspace-front-door/api_client) that is not part of the skill and could perform network calls or use credentials you didn't intend to share. Before installing or running:
1) Inspect the api_client implementation at that absolute path (or require the skill to include a self-contained client) to see what hosts it calls and what credentials it reads.
2) Make the skill declare any API host and credentials it needs; prefer narrow-scope tokens.
3) Avoid running the skill in an environment where that local path contains unreviewed code; run in a sandbox or provide a vetted client implementation.
4) If you cannot review the external api_client, do not run this skill with access to sensitive credentials or a network with internal BI systems.
If the skill is meant for your organization, ask the publisher to remove hard-coded absolute paths and explicitly document required configuration and credential scopes.
Like a lobster shell, security has layers — review code before you run it.
latest · vk97ac638g3j44s13427asnf4hn83mse7
