Hik-Cloud Device Group Management

Advisory. Audited by static analysis on May 10, 2026.

Overview

Detected: suspicious.dynamic_code_execution

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If invoked with the wrong group or device identifiers, the agent could change or delete device organization data in the user's Hik-Cloud account.

Why it was flagged

The skill explicitly supports deleting groups, updating groups, and transferring devices in Hik-Cloud, which are account-mutating operations. The artifacts do not document confirmation, dry-run, or rollback requirements before these actions.

Skill content

- Delete group
- Update group
- Transfer device to a group

Recommendation

Require explicit user confirmation for delete, update, create, and device-transfer operations; use least-privilege Hik-Cloud credentials; and review the target group/device identifiers before running.

What this means

Anyone who can access the configured credentials or cached token may be able to call Hik-Cloud APIs within the token's permissions.

Why it was flagged

The skill uses Hik-Cloud credentials to obtain access tokens and caches tokens. This is expected for the integration, but it is sensitive account access.

Skill content

token cache ... automatically exchanged using HIK_OPEN_CLIENT_ID + HIK_OPEN_CLIENT_SECRET

Recommendation

Store credentials securely, restrict file permissions on the token cache, rotate secrets if exposed, and prefer a credential with only the permissions needed for device group management.

What this means

Users have less external context for verifying who maintains the skill or where updates come from.

Why it was flagged

The skill's registry metadata does not provide an upstream source or homepage, which limits provenance verification even though the included code is reviewable.

Skill content

Source: unknown
Homepage: none

Recommendation

Install only if you trust the publisher, and prefer versions with a public source repository or documented provenance.

Findings (1)

critical

suspicious.dynamic_code_execution

Location

tests/test_hik_open_device_group_management.py:20

Finding

Dynamic code execution detected.