Skill v1.0.0

ClawScan security

Weather Push · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious
Mar 3, 2026, 4:41 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill largely does what it describes (send daily Shenzhen weather and remote service checks to Feishu), but the runtime script contains hard-coded host/user/target values, disables SSH host-key checking, and assumes local binaries/keys without declaring them — these are suspicious and require review before use.
Guidance
This script is coherent with its weather+service-check purpose, but review and adapt it before enabling:
- Inspect and change hard-coded values: the SSH target (10.144.1.3), SSH user (sulada2), and the Feishu target OU ID are baked into the script; replace with your own targets or make them configurable.
- Provide SSH credentials intentionally: the script expects an SSH key/agent to allow passwordless SSH. Confirm which key will be used and do not expose private keys.
- Re-enable host-key verification: StrictHostKeyChecking=no weakens SSH security and can allow MitM; consider using known_hosts or more secure SSH options.
- Verify the openclaw CLI path: /home/aisulada/.npm-global/bin/openclaw is user-specific and may not exist; change to the correct path or use a configurable command.
- Check logging and confidentiality: logs are written to /tmp/weather-push.log; ensure log files are stored securely if they contain sensitive identifiers.
- Test in a safe environment first: run manually and confirm outputs, SSH behavior, and that messages are sent to the expected Feishu recipients.
If you want a lower-risk version, request the maintainer remove hard-coded hosts/users, make paths and targets configurable via declared env vars, and avoid disabling SSH host-key checks.

Review Dimensions

Purpose & Capability
ok
Name/description match the behavior: the script fetches weather data, computes differences, checks a remote MiHoMo service, and sends a Feishu message. The declared dependencies (python3 + lunarcalendar, SSH access) are consistent with the stated purpose.
Instruction Scope
concern
The SKILL.md and push.sh instruct the agent to SSH into an internal host (10.144.1.3) as a specific user (sulada2) and run systemctl/pgrep on that host. The script also calls a local OpenClaw CLI at a hard-coded user path and writes logs to /tmp. Disabling StrictHostKeyChecking and hard-coded targets give the script broad, specific network/system access that the user may not expect.
Install Mechanism
ok
No install spec: instruction-only plus an included script. Nothing is downloaded or extracted during install, which is low risk. The only runtime requirements are Python packages and SSH access.
Credentials
note
The skill does not declare env vars or credentials, but it requires SSH credentials/key material to access 10.144.1.3 and expects a user-local openclaw binary path (/home/aisulada/.npm-global/bin/openclaw). These implicit credential assumptions are reasonable for the function but should be explicit; the hard-coded username, internal IP, and Feishu target are sensitive and may not be appropriate for other environments.
Persistence & Privilege
ok
The skill is not always-enabled and does not modify other skills or system-wide config. It runs as a scheduled/explicit task only and does not request elevated platform privileges.