Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
fangcloud_ai
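v1.0.1
Fangcloud (亿方云) AI capability integration Skill. Supports file management (list, upload, download, share), collaboration invitations, knowledge-base chat (DeepSeek), and agent interaction. Use this Skill when the user needs to operate on Fangcloud files, look up recent documents, or create share links.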
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description and SKILL.md consistently describe Fangcloud file and knowledge-base operations and reference the proper Fangcloud API endpoints. Included scripts and OpenAPI reference align with that purpose. However, the registry metadata lists no required environment variables while SKILL.md explicitly requires FANGCLOUD_USER_TOKEN (and optionally FANGCLOUD_ADMIN_TOKEN), which is an inconsistency the user should be aware of.
Instruction Scope
Runtime instructions tell the agent to use a Go CLI binary and to read FANGCLOUD_USER_TOKEN / FANGCLOUD_ADMIN_TOKEN from the environment to call Fangcloud APIs — this is appropriate for the described functionality. The instructions also include scripts to download, extract, validate, and execute prebuilt binaries from a remote Fangcloud URL; executing remote binaries increases risk even though it is within the declared purpose (distributing a CLI).
Install Mechanism
There is no formal install spec (instruction-only), but the bundle includes download and run scripts that fetch release archives from https://app.fangcloud.com/sync/vv25/knowclaw/release/ and extract/run binaries. The URL is a project domain (not a shortener or unknown host), which reduces suspicion, but downloading and executing remote binaries (zip/exe) is a higher-risk install pattern and should be treated cautiously.
Credentials
SKILL.md requires FANGCLOUD_USER_TOKEN and conditionally FANGCLOUD_ADMIN_TOKEN (sensitive credentials) which are proportionate to accessing Fangcloud APIs. However, the skill manifest did not declare any required env vars or a primary credential — that mismatch is a red flag. Additionally the repo includes build-time env vars (MACOS_SIGN*, notarization) unrelated to runtime which may confuse users.
Persistence & Privilege
Skill does not request always:true, does not declare persistent agent-wide modifications, and uses normal autonomous invocation defaults. It does download and place binaries under cli/release and cli/bin when run, but this is limited to the skill folder and is consistent with distributing a CLI.
What to consider before installing
This skill appears to implement Fangcloud API interactions and includes scripts to download and run a prebuilt Go CLI from app.fangcloud.com — that behavior can be legitimate but carries risk. Before installing/providing credentials: (1) Verify you actually want the agent to read environment variables FANGCLOUD_USER_TOKEN (and only provide FANGCLOUD_ADMIN_TOKEN if necessary and trusted). The registry metadata not declaring these env vars is an inconsistency. (2) Inspect or obtain the release binaries/checksums from a trusted source before running; prefer verifying signatures or checksums. (3) If you must run the download/run scripts, do so in a sandbox or VM, and avoid supplying high-privilege admin tokens unless required. (4) If you need greater assurance, request the upstream source or a signed release, or decline to run remote binaries and instead build from source in a controlled environment. If you want, I can list the exact files/URLs to inspect and steps to verify checksums or run safely in a container.
Like a lobster shell, security has layers — review code before you run it.
