Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

DW-Copilot

v0.0.1

基于 SpecKit SDD（Spec-Driven Development）方法论的数仓开发 Agent 技能。将自然语言需求经多阶段澄清与收敛，产出符合规范的 Spec 文档、执行计划及可直接落地的 DDL/ETL/调度配置代码。支持自定义平台技术栈和自定义项目公约。

⭐ 1· 62·0 current·0 all-time

by@honghaolee

MIT-0

Download zip

LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal

Suspicious

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

The name/description (Spec-driven DW development -> produce spec/plan/task and DDL/ETL/Azkaban configs) aligns with the included templates and workflow files. The resource files legitimately include metadata collection methods (manual/jdbc/openapi/web/hdfs), Azkaban/job examples, and platform/project conventions — all expected for a DW copilot. No unrelated capabilities (e.g., cloud provider admin APIs) are present.

Instruction Scope

The SKILL.md and resource templates instruct the Agent to collect metadata via JDBC/OpenAPI/web/HDFS which may require requesting or using sensitive credentials and file paths. The templates explicitly reference environment variable placeholders and system paths (e.g., ${DW_JDBC_USER}, ${DW_JDBC_PASS}, ${META_API_AK}, ${META_API_SK}, ${WEB_META_TOKEN}, keytab paths like /etc/security/keytabs/dw_user.keytab) even though the skill registry declares no required env vars. The skill also instructs generating runnable code referencing absolute production-like paths (/data/scripts/...), and mandates inlining conventions and implementation details into generated task code. While these are plausible for the stated purpose, they expand the agent's runtime scope to access credentials, network endpoints, and potentially local files — so review and restrict what the agent is allowed to request or receive.

✓

Install Mechanism

Instruction-only skill with no install spec and no bundled code to execute. This is low-risk from installation perspective (nothing downloaded or written during install).

Credentials

Although requiring DB/API tokens is proportionate to metadata collection for a DW copilot, the skill registry lists no required environment variables while the resources reference many sensitive values. Examples found in files: DW_JDBC_USER, DW_JDBC_PASS, META_API_AK, META_API_SK, WEB_META_TOKEN, cookie strings, HDFS namenode and potential Kerberos keytab paths. The absence of declared required env vars is an incoherence (the skill can/should ask for credentials at runtime or declare them); users should be wary about providing secrets and prefer least-privilege, read-only credentials and out-of-band provisioning.

✓

Persistence & Privilege

The skill does not request always:true and has no install-time actions or system-wide config changes. It is user-invocable and may run autonomously (default), which is expected. The skill does not attempt to modify other skills or agent system config in the provided files.

What to consider before installing

This skill appears coherent for generating Spec/Plan/Task artifacts for data warehouse work, but pay attention to these points before installing or using it: - Origin: the source is unknown and no homepage is provided. Prefer skills from known maintainers or inspect files closely. - Credentials: the templates reference many sensitive values (JDBC username/password, platform AK/SK, web tokens/cookies, Kerberos keytabs). The registry metadata declares no required env vars — expect the agent to ask for these at runtime. Do NOT paste production credentials directly into chat. Use least-privilege, read-only accounts or temporary/test credentials. - External connections: Phase 1 may instruct connecting to database hosts, metadata APIs, HDFS namenode, or web portals. Confirm network endpoints and scope before allowing connections; validate that any AK/SK or tokens are scoped and revocable. - Generated code: task.md examples include absolute paths (/data/scripts/...) and production-like settings. Review generated DDL/SQL and Azkaban configs before deploying; run outputs in an isolated/test environment first. - Secrets handling: ensure any credentials the skill requests are provided via secure, out-of-band mechanisms (agent environment variables or a secrets manager) rather than pasted into chat logs. If your platform supports declaring required env vars for the skill, insist they be declared and audited. - Confirm behavior: the skill enforces user confirmation points (Phase 3 and 5) which reduces autonomous risky actions, but you should verify the agent actually prompts and does not proceed without explicit approval. If you decide to use it: test with dummy datasets/accounts, restrict credential privileges, and review all generated scripts/configs before applying them to production.

Like a lobster shell, security has layers — review code before you run it.

latestvk974xpedh43w0dwcspj3rbwshs83z0ce

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

DW-Copilot

License

Comments