Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
门店Benchmark分析
v1.0.0门店Benchmark分析工具。与集团/区域其他门店对比,分析门店等级、排名变化、件单价×连带率矩阵象限。 核心能力: 1. 多维度对比范围(集团全部、区域、省份、城市) 2. 门店等级评估(基于销售额、订单数、客单价、连带率) 3. 排名变化追踪(本期排名vs上期排名) 4. 件单价×连带率矩阵象限分析(识别门...
⭐ 0· 80·0 current·0 all-time
byXtechmerge.AI@gwyang7
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill claims to be a store benchmark analyzer and the code implements that logic, but it imports query_database from a hard-coded absolute path ('/Users/yangguangwei/.openclaw/workspace-front-door'), implying a dependency on a local API client or database connector not declared in the metadata. The manifest states no required env/config, but the code clearly depends on an external data source (database) accessed via api_client—this mismatch is unexplained and disproportionate.
Instruction Scope
SKILL.md example calls analyze_benchmark and ComparisonScope from analyze, but the actual code exposes analyze and ComparisonScope; the sample Python call uses a different function name (analyze_benchmark) which will fail. The code constructs raw SQL using user-supplied scope_code and date strings without sanitization (risk of SQL injection depending on query_database implementation). SKILL.md does not disclose the need for a database client or credentials, yet the runtime instructions (the code) will attempt DB queries.
Install Mechanism
There is no install spec (instruction-only), which is low risk, but a code file is included that will import a local module via an absolute filesystem path. Because there's no declared install step, it's unclear how query_database will be provided in other environments. This is surprising and fragile rather than a straightforward install risk.
Credentials
The skill declares no required environment variables or credentials, yet it queries a database via query_database. That likely requires DB connection configuration (credentials, hosts) provided implicitly by the imported api_client module or local environment—these are not declared. The code thus may access sensitive data without the manifest indicating required credentials, which is disproportionate and opaque.
Persistence & Privilege
The skill is not always-enabled and does not request persistent privileges. It does not modify other skills or global agent settings in the provided files.
What to consider before installing
Do not install or run this skill until the author clarifies and fixes the inconsistencies. Specific issues to resolve: 1) The SKILL.md example calls analyze_benchmark but the code function is analyze — fix the docs or code. 2) Remove or explain the hard-coded sys.path insertion ('/Users/yangguangwei/...') — this ties the skill to a specific user's workspace and hides dependencies; the skill should import public modules or document required local modules and config paths. 3) Declare any database/API credentials or config required (host, user, password, tokens). Right now no env vars are declared yet the code calls query_database, which could access sensitive data. 4) Prevent SQL injection: avoid concatenating user inputs (scope_code, dates) directly into SQL; use parameterized queries or validate/sanitize inputs. 5) Ask the author to provide the implementation or provenance of api_client.query_database (what DB, where it connects, who can access it). Until these are addressed, treat the skill as suspicious and run it only in an isolated environment after reviewing or replacing api_client with a known-safe connector.Like a lobster shell, security has layers — review code before you run it.
latestvk97exsykqjhvmpf2tccw0bfq9x83n3et
License
MIT-0
Free to use, modify, and redistribute. No attribution required.