Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Zto

v1.0.0

Use ZTO Express (中通快递) for shipment tracking, shipping guidance, service-type comparison, outlet lookup, and delivery-time or fee estimation. Use when the us...

by haidong@harrylabsj
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description (ZTO tracking, estimates, outlet lookup) aligns with the included code: local DB for history/subscriptions, price/time estimates, and formatting. The required dependencies (aiohttp, cryptography, etc.) are plausible for a CLI that could fetch remote data, encrypt local secrets, and render QR/images.
Instruction Scope
SKILL.md clearly documents local persistence paths and privacy controls. The runtime code writes an SQLite DB and may use SecureStorage for encrypted files. However, the Python code imports aiohttp (a network library) while the visible query() implementation simulates results rather than calling external ZTO endpoints; this leaves open the possibility that the rest of zto.py (truncated in the listing) initiates network traffic to endpoints not declared in SKILL.md. SKILL.md does not declare any external endpoints; if the code later contacts remote APIs, that should be disclosed.
Install Mechanism
No installation script/remote download is included — this is an instruction-only/packaged-code skill. Dependencies are standard Python packages listed in requirements.txt. No suspicious URL downloads or archive extraction are present.
Credentials
The skill does not request environment variables, system paths, or external credentials. Its use of local storage under the user's home directory is proportionate to its functionality.
Persistence & Privilege
The skill persists data under ~/.openclaw/data/zto, including an encrypted storage area and a locally-stored Fernet key file (~/.openclaw/data/zto/secure/.key). This is expected for local encrypted storage, but storing the encryption key on disk next to the encrypted files reduces protection if an attacker already has local file access. always:false and no system-wide config changes are requested.
What to consider before installing
- The skill appears to be a local ZTO helper that stores history, subscriptions, and optional encrypted files under ~/.openclaw/data/zto/. That behavior is declared in SKILL.md and implemented in code.
- The SecureStorage implementation stores a Fernet key at ~/.openclaw/data/zto/secure/.key with file mode 600. While the data are encrypted, the key is stored locally; if an attacker can read your home directory they could decrypt the files. Avoid storing highly sensitive secrets (bank details, full identity documents) in the skill's storage.
- The code imports aiohttp (networking). The visible query() simulates results, but the zto.py file was truncated in the listing; review the full file for any network calls or outbound endpoints before trusting it, especially any code that might transmit stored data to remote servers.
- Dependencies are normal Python packages. Install into a virtualenv/sandbox if you want to reduce risk.
- Use the provided privacy commands (privacy info / privacy clear / privacy export) to audit and remove data if you decide to try the skill.
- If you do not trust the skill author or cannot inspect the entire zto.py file, treat it as untrusted code and run it in an isolated environment.

If you want, I can scan the remainder of zto.py (provide the full file) and specifically look for network endpoints, telemetry/callback code, or references to external hosts.


latest: vk97fqj20f8bs13btr78hz36sbd83m3ng
