Vehicle License Plate Number Restriction - 车辆尾号限行
Security checks across malware telemetry and agentic risk
Overview
This skill appears to do what it advertises: use a JisuAPI key to look up vehicle license-plate restriction rules.
Before installing, make sure you are comfortable sending vehicle-restriction queries and your JisuAPI key to api.jisuapi.com. Use a limited API key if possible and ensure the Python requests dependency comes from a trusted source.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your JisuAPI key and queried city/date are sent to JisuAPI, which may affect your API quota or account usage.
The skill reads a JisuAPI credential from the environment and sends it as an API parameter to the vehicle restriction service. This is disclosed and expected for the integration, but it is still credential use.
appkey = os.getenv("JISU_API_KEY") ... params = {"appkey": appkey, "city": city, "date": date}Use a dedicated JisuAPI key with only the needed service access, monitor quota usage, and avoid sharing the key in chat or logs.
The skill may fail unless requests is already installed, or users may install it separately without a pinned version.
The code depends on the external Python package requests, while the provided install information declares no install spec and lists only python3 as a required binary.
import requests
Install dependencies from trusted package sources and prefer a declared, pinned dependency if packaging this skill for repeat use.