Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
zsxq-fetch-subscription
v1.0.0
Use this skill when the user wants OpenClaw to query synced Zhishi Xingqiu content, inspect recent posts, search downloaded documents, summarize updates, or...
by Alex @hashedalex
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name and description align with the instructions: the skill queries a local ZSXQ DB (127.0.0.1:8000) for topics, documents, search, and sync. Declared requirement includes curl (used throughout). However, the SKILL.md also instructs starting the API with `uvicorn app.main:app` if the server isn't running, but `uvicorn` is not listed in the declared required binaries — an inconsistency between claimed requirements and runtime instructions.
Instruction Scope
Instructions are narrowly scoped to local endpoints (health, topics, documents, search, sync) and to building answers from retrieved records only. That is appropriate for the stated purpose. The reason for concern: the doc instructs the agent to start a local server from the project root using `uvicorn`, which implies executing local project code and accessing the filesystem. Starting a server is a higher-privilege action than issuing curl requests and should be explicitly declared and consented to.
Install Mechanism
No install spec and no code files means this is instruction-only, which is low-risk. Nothing is downloaded or written to disk by the skill itself. (Note: the runtime step that starts uvicorn would execute local code, but that's not an install action defined by the skill.)
Credentials
The skill declares no required environment variables, credentials, or config paths. The SKILL.md does not attempt to access external credentials. This is proportionate to its stated purpose of querying a local service.
Persistence & Privilege
always:false and default model invocation settings are used. The skill does not request permanent inclusion or cross-skill config modification, so its privilege level is appropriate. Note that autonomous invocation is enabled by default (normal), so the agent could call this skill without explicit user action when relevant.
What to consider before installing
This skill is mostly coherent: it queries a local ZSXQ API using curl and builds answers from local data. Before installing, confirm two things: (1) whether you are comfortable allowing the agent to start a local server process — the SKILL.md suggests running `uvicorn app.main:app` from the project root, which will execute code from your filesystem and should be done only with explicit consent; (2) the author should declare `uvicorn` (or otherwise document how the server is started) in the required binaries or remove the instruction to start the server. If you don't want the agent to run processes on your host, either run the API server yourself beforehand or disable autonomous invocation / require explicit user permission for actions that start local processes. If possible, inspect the project code that would be run by uvicorn (app.main) to ensure it is trustworthy and that the local API endpoints do not expose sensitive data to the agent.
Like a lobster shell, security has layers — review code before you run it.
latest vk976gqxy1wt71y9zamb108stds8388p2
Runtime requirements
Bins: curl
