Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

野龙虾 (Wild Lobster)

v1.0.0

Aliyun OSS file upload tool. Supports single-file upload; used to upload a local file to Aliyun OSS and obtain an access URL.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability [flagged]
The skill's name/description and the Python code all describe an Aliyun OSS single-file uploader (coherent). However the registry metadata at the top of the report claims no required env vars/credentials while SKILL.md, clawhub.yaml, README.md and the code itself require/access ALIYUN_OSS_ACCESS_KEY_ID, ALIYUN_OSS_ACCESS_KEY_SECRET, ALIYUN_OSS_ENDPOINT and ALIYUN_OSS_BUCKET. This mismatch between published metadata and the actual files is an incoherence that could cause the platform to not surface credential needs correctly.
Instruction Scope
The SKILL.md instructions and the code are narrowly scoped to reading OSS-related environment variables, creating/uploading a local file to OSS, and returning a URL. They do not reference unrelated system files or external endpoints beyond the OSS endpoint. Minor issues: SKILL.md metadata lists only two env vars while other docs and the code need four; the module's __main__ creates /tmp/test.txt when invoked directly (benign, but behavior to be aware of).
Install Mechanism
No install spec that downloads arbitrary code; dependencies are standard (oss2 listed in requirements.txt and SKILL.md). There are no external URL downloads or extract steps. Overall install risk is low.
Credentials [flagged]
The credentials requested by the code (AccessKey ID and Secret plus endpoint and bucket) are appropriate for OSS upload. The concern is that the registry metadata advertised 'no required env vars/primary credential', which is incorrect. Also, documentation and code disagree on returned result field names (e.g., README lists 'success', 'key', 'bucket', 'mime_type' while the code returns 'status' and 'object_name'), increasing the risk of misuse or accidental credential exposure if a user misconfigures the skill expecting different behavior.
Persistence & Privilege
Skill does not request always:true, does not modify other skills or global agent settings, and is user-invocable. It will read environment variables and access network (OSS) which is expected for its purpose.
What to consider before installing
This skill appears to be an OSS uploader and the Python code matches that function, but the package metadata and documentation disagree about what credentials and outputs are required. Before installing:
1) Verify the platform will prompt you for ALIYUN_OSS_ACCESS_KEY_ID, ALIYUN_OSS_ACCESS_KEY_SECRET, ALIYUN_OSS_ENDPOINT and ALIYUN_OSS_BUCKET (the code needs all four).
2) Use a RAM sub-account with the minimum OSS permissions (PutObject/GetObject) rather than a root account.
3) Inspect/scan the shipped aliossupload.py locally and run it in an isolated environment to confirm behavior (it creates /tmp/test.txt when run as __main__).
4) Be aware the README's returned JSON schema doesn't match the actual code — update or test the code before trusting automated workflows.
5) If you need stronger assurance, ask the publisher for a source repo or signed release and for corrected metadata/documentation.
These inconsistencies look like sloppy packaging rather than overtly malicious behavior, but they increase the chance of accidental credential mishandling.

Like a lobster shell, security has layers — review code before you run it.

latest: vk974z82fnk35qb6h14zrgv5pws83bkae

