Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

fadada-esign

v1.0.0

FaDaDa electronic contract and e-signature skill (FASC API 5.0). Sends a contract to the counterparty for signing in one step, and supports querying signing status and downloading signed contracts. Suitable for HR contracts, sales contracts, agreement signing and similar scenarios. Triggered when the user mentions scenarios such as "send a contract", "have the other party sign the contract", "e-sign", "FaDaDa", "contract signing", "check signing status" or "download the contract".

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to be a FaDaDa e-sign SDK (upload/send/query/download contracts) which matches the code and examples. However the registry metadata declares no required environment variables or primary credential while the SKILL.md and code explicitly require app credentials (FADADA_APP_ID, FADADA_APP_SECRET, FADADA_OPEN_CORP_ID) and access to a config file (~/.fadada). This mismatch between declared requirements and what the skill actually expects is concerning and could lead to silent failures or unexpected behavior.
Instruction Scope
SKILL.md instructions stay within the e-signature domain (set credentials, upload file, create tasks, query and download). However there are several inconsistencies inside the documentation/code: SKILL.md mentions HMAC-SHA256 signing, references/api_reference.md shows MD5-based signing in examples, and callback verification examples use SHA256 — these inconsistent signature descriptions across files could cause integration errors. The docs instruct creating config files in ~/.fadada and exporting secrets to env vars (expected), but the package files also import or reference multiple module names (fadada_api vs fadada_esign) and different default server URLs, which widens runtime behavior beyond the single, clear purpose.
Install Mechanism
There is no install spec in the registry (instruction-only), but the bundle includes a full Python SDK and packaging files (setup.py, many modules). This is not inherently malicious, but it is unusual: the package contains code that would be installed or run by users even though the skill metadata contains no explicit install instructions. Confirm the intended install source (PyPI, GitHub, local) before running the code.
Credentials
The skill requires application credentials for FaDaDa (app_id/app_secret/open_corp_id) according to SKILL.md and the examples, which is appropriate for an e-sign SDK, but the registry metadata does not declare these required env vars or a primary credential. Also, some code defaults to a non-standard server_url ('https://uat-dev.fadada.com/') rather than clearly using the official domains listed in the API reference. The combination of undeclared required secrets and an unexpected default endpoint is disproportionate and increases the risk of accidental credential exposure or misuse.
Persistence & Privilege
The skill does not request always:true and uses the platform defaults (user-invocable, model invocation enabled). It does not request system-level paths or attempt to modify other skills. No persistent privileged injection or global 'always' presence is requested.
What to consider before installing
This package mostly looks like an SDK for FaDaDa e-signature, but there are several red flags to check before installing or using it:
- Credentials: SKILL.md and examples expect FADADA_APP_ID, FADADA_APP_SECRET, and FADADA_OPEN_CORP_ID. The registry metadata does NOT declare these; assume the code will need them. Only provide these secrets if you trust the code/repo and environment; prefer creating a dedicated FaDaDa app with limited scope.
- Endpoints and signature algorithms: the files disagree about API base domains and signing algorithms (MD5 vs SHA256 vs HMAC-SHA256). Confirm with the official FaDaDa documentation which signing algorithm and endpoint to use; otherwise requests may fail or, worse, go to an unexpected server.
- Default server_url: some code defaults to 'https://uat-dev.fadada.com/' (a non-standard/test-sounding host). Verify and explicitly set server_url to the official FaDaDa endpoints before uploading any real documents or sending credentials.
- Source authenticity: the package metadata and code contain mismatched versions/names (e.g., _skillhub_meta.json version 2.0.0 vs registry version 1.0.0, multiple module names). If you plan to use this SDK, obtain it from the official FaDaDa repository or PyPI entry maintained by FaDaDa rather than an unknown source bundled here.
- Local safety checks: inspect the code paths that upload files and where they point. Grep for server_url, upload endpoints, and any hardcoded URLs. Run in an isolated environment (sandbox/container) first and test with non-sensitive sample documents.
- Dependencies: setup.py lists only requests, but some modules import pandas at top level (fadada_client.py), which will fail unless pandas is installed; check requirements before running.
- Least privilege: create FaDaDa test credentials for evaluation (not the production app_secret), set config file permissions to 600 as recommended, and avoid hardcoding secrets in code.
If you cannot verify the source or the endpoints, treat this skill as untrusted and prefer an official SDK or API integration from FaDaDa's official channels.


latest: vk974z6dmg8eaezagm4qgkw3qn583w3bp

