Guoshun Project Search - Bid Monitoring

Advisory. Audited by static analysis on May 10, 2026.

Overview

Detected: suspicious.install_untrusted_source

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone installing or viewing the skill receives this credential, and running the script may use a Feishu app or tenant the user did not intend.

Why it was flagged

The distributed configuration contains a Feishu app credential, while the registry requirements declare no primary credential; monitor.py uses this app_id/app_secret to request a Feishu tenant_access_token.

Skill content
"app_id": "cli_a9085cd9ebf95bb5", "app_secret": "jFQ...Mcnu"
Recommendation

Remove shipped secrets, rotate the exposed Feishu secret, and require users to provide their own credentials via local-only config or environment variables.

What this means

If the user runs the monitor before changing config.json, bid-monitoring results could be delivered to unknown Feishu recipients.

Why it was flagged

The packaged default push configuration includes fixed Feishu recipient open_id values rather than empty or user-provided targets.

Skill content
"targets": ["ou_2ce...", "ou_b8a..."], "max_items": 999
Recommendation

Ship empty push targets, require explicit user configuration, and display/confirm recipients before sending or scheduling notifications.

What this means

Dependency behavior may change over time or vary by environment.

Why it was flagged

The skill asks the user to install unpinned PyPI packages; this is normal for a Python scraping tool but leaves dependency versions and provenance to the user environment.

Skill content
pip install requests beautifulsoup4
Recommendation

Install in a virtual environment and prefer pinned, reviewed dependency versions.

Note. High confidence.
ASI10: Rogue Agents
What this means

If registered as a scheduled task, the monitor can continue scraping and sending notifications without a fresh prompt each time.

Why it was flagged

The included script is intended for recurring scheduled execution; SKILL.md presents scheduled monitoring as optional.

Skill content
cd /root/.openclaw/skills/bid-monitor
python3 monitor.py >> /var/log/bid-monitor.log 2>&1
Recommendation

Only enable the schedule intentionally, verify the configured recipients first, and remove the scheduled task when monitoring is no longer wanted.

Findings (1)

warn

suspicious.install_untrusted_source

Location
data/history.json:20
Finding
Install source points to URL shortener or raw IP.