Cainiao
Security checks across malware telemetry and agentic risk
Overview
The skill is mostly scoped to Cainiao logistics, but its code appears to generate realistic-looking shipment tracking results locally rather than verifying them with Cainiao.
Use caution before relying on this for real package tracking. The visible code appears to generate sample-looking shipment events, so verify important shipments through Cainiao or the carrier directly. If you run the local code, be aware it may store tracking and address-related data under ~/.openclaw/data/cainiao/ and use the privacy clear/export controls when needed.
VirusTotal
No VirusTotal findings
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user could rely on inaccurate shipment status, location, or delivery-date information as if it came from Cainiao.
The visible tracking path constructs realistic-looking shipment events from hard-coded locations and current timestamps rather than showing a live Cainiao lookup. This conflicts with the advertised tracking use case and could make simulated data look authoritative.
result = TrackingResult(... status="in_transit", events=[TrackingEvent(time=datetime.now().strftime(...), description="快件已到达【北京顺义集散中心】"), ...], sender="上海市", receiver="北京市")
Clearly label generated tracking data as simulated or estimated, or integrate a real Cainiao data source before presenting exact shipment events.
Tracking numbers, subscription records, and possibly address details may remain on the local machine until cleared.
The skill discloses local persistence of logistics records and possibly address data. This is purpose-aligned, but it means personal shipment information may be retained across sessions.
stores query history; stores shipment-subscription records; may store saved address records ... under `~/.openclaw/data/cainiao/`
Use the documented privacy clear/export controls when needed, and avoid saving address details unless necessary.
Manual installation could pull newer dependency versions than the author tested.
If the local Python code is run, it depends on third-party packages specified with lower bounds rather than pinned versions. There is no automatic install spec shown, so this is a manual-run supply-chain consideration rather than evidence of unsafe behavior.
aiohttp>=3.9.0
cryptography>=42.0.0
qrcode>=7.4.0
pillow>=10.2.0
If you use the local runtime, run the code in an isolated environment and pin or verify dependency versions before installing.
