Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Tencent Docs
v1.0.11
Provides comprehensive Tencent Docs operations including creating, reading, editing various document types, and managing knowledge base spaces and nodes.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name, description, and large reference docs all describe Tencent Docs operations (create/read/edit docs, spaces, sheets, etc.), which is coherent. However the registry metadata shown to you earlier claims no required env vars or primary credential, while the SKILL.md frontmatter and metadata declare a primaryEnv TENCENT_DOCS_TOKEN and a tokenUrl — this mismatch is inconsistent and should be resolved.
Instruction Scope
SKILL.md is detailed and stays within the Tencent Docs MCP domain for API calls. It does instruct the agent to: run setup.sh to register the MCP service; call the MCP endpoint for update checks and tool calls; use scrape_url to fetch arbitrary webpages when a user provides a URL; and to read and Base64-encode local files when importing. Reading local files for the import workflow is coherent with import_file functionality, but any instructions that tell the agent to access local files or to prefer one scraping path for all URLs increase the attack surface and should be followed only with user consent. The docs also mention using Authorization and Cookie headers in example scripts — those credentials are not declared in the registry metadata.
Install Mechanism
There is no formal install spec (instruction-only), which is low-risk, but the package includes a setup.sh script (1520 bytes) that the SKILL.md instructs the user to run to register the MCP service. Running arbitrary setup scripts can change local agent configuration; review the script contents before executing and only run it if you trust the source.
Credentials
SKILL.md metadata clearly expects a TENCENT_DOCS_TOKEN (primaryEnv) and describes using Authorization and Cookie headers in example scripts. Yet the registry summary you were shown lists no required env vars/credentials. Requiring a single Tencent Docs token is reasonable for this skill, but the undeclared mention of Authorization/Cookie headers and the mismatch between registry and SKILL.md are red flags: the skill may need additional secrets or cookies not declared in the registry metadata.
Persistence & Privilege
always:false (good). The setup.sh script will register an MCP service with the local mcporter tool, which is a normal deployment step for an MCP-based integration but does modify local agent tooling state. The skill is allowed to be invoked autonomously (disable-model-invocation:false) — this is platform default and not itself a reason to block, but combined with undeclared credential instructions it widens potential impact. Review what setup.sh writes/changes before running.
What to consider before installing
Key things to check before installing:
(1) Inspect setup.sh content before running it; it will register the MCP service and may modify local mcporter configuration.
(2) Confirm which environment variables the skill actually needs: SKILL.md expects TENCENT_DOCS_TOKEN; the registry view you saw did not declare it. Don't provide secrets until you confirm.
(3) The docs show example scripts that use Authorization and Cookie headers for direct HTTP calls; ask the author whether those are required and why they aren't declared.
(4) The skill advises reading local files and Base64-encoding them for manage.import_file; only allow that when you specifically intend to import a particular file.
(5) If you are uncomfortable running setup.sh or providing tokens/cookies, request the full setup.sh and re-run the evaluation.
If you proceed, give the least-privilege token possible and monitor network activity during first use.
Like a lobster shell, security has layers: review code before you run it.
latest vk97e5bxcdswmfx3b7jk2h7wbrd83cbs5
