Skill v1.1.0

ClawScan security

ZAI Coding Plan Usage · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 17, 2026, 9:28 AM
Verdict
Benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code and instructions match its stated purpose (querying Z.ai usage) but there are minor metadata omissions (it reads an OpenClaw auth file and requires Node) that you should be aware of before installing.
Guidance
This skill appears to do what it says: it runs a Node script that queries Z.ai endpoints for usage and reads an API key from your OpenClaw auth file or ZAI/ZHIPU env vars. Before installing: (1) confirm you are comfortable with the script reading ~/.openclaw/agents/main/agent/auth-profiles.json (inspect that file to see what it contains); (2) provide the API key via an env var if you prefer not to let the script read the auth file; (3) make sure Node is available on the system (metadata does not list it); (4) confirm open.bigmodel.cn is the expected Z.ai API host for your account. If any of those are concerning, run the script manually in a sandbox or decline to enable the skill.

Review Dimensions

Purpose & Capability
ok: The script calls Z.ai endpoints on open.bigmodel.cn to fetch model/tool usage and quota, and reads an API key from the OpenClaw auth file or ZAI/ZHIPU environment variables — this is consistent with a 'Z.ai Coding Plan Usage' skill.
Instruction Scope
note: SKILL.md instructs running a node script in the user's OpenClaw workspace and the script reads ~/.openclaw/.../auth-profiles.json and environment variables. That behavior is aligned with the purpose but the metadata did not declare the config path access; the instructions are not asking for unrelated files.
Install Mechanism
note: This is an instruction-only skill (no install spec), which is low-risk, but the script requires Node to run. The registry metadata lists no required binaries even though SKILL.md and the script expect 'node' on PATH.
Credentials
note: No credentials are declared in metadata, but the script reads the OpenClaw auth file and env vars ZAI_API_KEY or ZHIPU_API_KEY. Those variables are appropriate for this purpose, but reading the OpenClaw auth-profiles.json may expose other local OpenClaw-stored credentials if that file contains them.
Persistence & Privilege
ok: 'always' is false and the skill does not write or persist data or modify other skills; it only reads a config file and performs network requests.