Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
boc deploy
v1.0.1博云BOC容器平台 部署工具。根据部署规划信息自动生成配置文件并执行部署。使用场景:用户需要部署 BOC容器平台时使用,包括生成 config.yaml、执行 bocctl run、监控部署状态。
⭐ 0· 108·0 current·0 all-time
byRick@hongruiji
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The SKILL.md describes generating config.yaml, uploading it to the deploy host, and running bocctl/nerdctl/ansible/kubectl commands — all coherent with a deployment tool. However the registry metadata claims no required binaries or env vars, while the instructions clearly rely on system tools (ssh/scp/nerdctl/bocctl/kubectl/nohup/ansible). The missing declarations are an inconsistency.
Instruction Scope
Instructions ask the agent to collect SSH credentials (ssh_password), generate a config.yaml that includes node credentials, upload it to /root/config.yaml on the deployment host, and run long-lived deployment commands. This requires handling sensitive secrets and remote access; the SKILL.md does not specify how SSH/upload is performed or how secrets are protected. The scope is otherwise limited to deployment steps, but secret handling and unspecified remote execution are security-relevant gaps.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so it does not write or execute bundled code on disk. That lowers install-time risk.
Credentials
The skill requires sensitive inputs at runtime (SSH username/password and per-node credentials) which are proportional to performing an automated installation, but the skill provides no guidance for secure handling (e.g., prefer SSH key, avoid embedding plaintext in logs), and metadata does not declare these as required secrets or provide secure-storage hooks. The practice of generating and uploading a config containing passwords to /root/config.yaml can expose credentials if not handled carefully.
Persistence & Privilege
The skill is not always-enabled and is instruction-only; it does not request persistent privileges or modify other skills or global agent settings. Autonomous invocation is allowed but is the platform default and not by itself flagged.
What to consider before installing
This skill appears to be a straightforward deployment recipe for the BOC container platform, but there are gaps you should consider before using it:
- The SKILL.md expects tools like ssh/scp, nerdctl, bocctl, kubectl and ansible on the machine(s) it runs against, but the package metadata lists no required binaries — verify your environment has these installed.
- You will be asked to provide SSH usernames and plaintext passwords. Prefer using SSH key-based auth and avoid supplying root passwords to untrusted skills. If you must provide passwords, ensure the agent will not log or leak them and remove the uploaded config.yaml after use.
- The skill instructs uploading a config file to /root/config.yaml containing node credentials. That is typical for automated installs but increases risk if the deployment host is shared or compromised; review and harden access to the deployment host, and consider storing secrets in a vault instead.
- There is no source or homepage and the owner is unknown; treat the skill as unvetted. If possible, obtain the official deployment playbooks directly from your vendor or run these steps manually or from a vetted automation repository.
If you decide to proceed: run in a controlled environment, use key-based SSH, avoid giving unnecessary credentials, inspect the generated config.yaml before uploading, and monitor logs for accidental credential leakage.Like a lobster shell, security has layers — review code before you run it.
latestvk978qcxyb96ygwpqrsmfnymv4583p99c
License
MIT-0
Free to use, modify, and redistribute. No attribution required.