车牌号码归属地 - 即刻数据
PassAudited by VirusTotal on May 9, 2026.
Overview
Type: OpenClaw Skill Name: jike-vehicle-plate-query Version: 1.0.0 The skill is a straightforward implementation for querying Chinese vehicle plate locations using the Jike API (jikeapi.cn). The Python script (scripts/vehicle_plate_query.py) uses standard libraries to perform authenticated API requests and contains no evidence of malicious behavior, data exfiltration, or prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your Jike AppKey and the plate or prefix you query are transmitted to the external API service; if JIKE_API_BASE_URL is set, the destination can be changed from the default Jike endpoint.
The script uses an API credential and sends it with the user’s plate query to the configured API endpoint. This is purpose-aligned and disclosed, but it is still credential use that users should notice.
API_BASE_URL = os.environ.get("JIKE_API_BASE_URL", "https://api.jikeapi.cn").rstrip("/") ... urllib.parse.urlencode({'plate_number': plate_number, 'appkey': appkey})Use a dedicated Jike AppKey, keep it private, prefer environment variables over passing it on the command line on shared systems, and ensure JIKE_API_BASE_URL is unset or points only to a trusted endpoint.