Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

CPA Update - Secure CLI Proxy API Maintenance

v2.2.1

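Securely update and maintain CLI Proxy API (CPA) deployments and configuration. Used for CPA image upgrades, configuration changes, auth directory compatibility fixes, go-live verification, and rollback. Applies when the user mentions scenarios such as "CPA update/upgrade/config changed/container rebuild/rollback".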

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description and the instructions are coherent: SKILL.md provides a step-by-step Docker-based workflow for backing up, testing, upgrading, and rolling back a CLI Proxy API. However the metadata claims no required binaries or config paths while the instructions clearly require Docker, docker CLI operations (run/exec/pull/save/load), and common shell tools (cp, mv, sed, grep, curl, tar). This mismatch between declared requirements and actual operational needs is an incoherence the user should be aware of.
Instruction Scope
Instructions explicitly read and copy host files (e.g., /opt/cliproxyapi/config.yaml and /opt/cliproxyapi/auth), run commands inside containers, pull images from Docker Hub, and create/restore local tar archives of images. Those actions are expected for an update/rollback workflow, but they require broad local filesystem and Docker privileges. The SKILL.md does not instruct sending these artifacts to external endpoints, but it does reference API keys (placeholders) and suggests copying auth directories — which are sensitive and must be handled carefully.
Install Mechanism
This is an instruction-only skill with no install spec and no bundled code, so there is no automatic download or execution of remote code from the skill itself. That lowers supply-chain risk relative to code-installing skills.
Credentials
Metadata lists no required environment variables or config paths, yet the runtime instructions assume the presence of API keys/providers and specific host paths (/opt/cliproxyapi and the container's /root/.cli-proxy-api). The skill implicitly requires access to the Docker daemon (and thus elevated privileges) and to local auth/config directories containing sensitive credentials, but these privileges/requirements are not declared in the manifest.
Persistence & Privilege
The skill is not always-enabled and does not request persistent/privileged platform features. It only contains runtime instructions; there is no installation step that modifies other skills or the agent configuration.
Scan Findings in Context
[NO_FINDINGS] expected: The regex-based scanner had nothing to analyze because this is an instruction-only skill (no code files). That absence of findings does not imply safety; the SKILL.md itself describes privileged host and container operations.
What to consider before installing
This skill's documented workflow appears reasonable for upgrading a Docker-hosted CPA, but be aware of two issues before installing or running it: (1) The manifest omits required tools and paths: you will need docker, curl, sed/grep, tar and access to the Docker daemon and the host paths (e.g., /opt/cliproxyapi). (2) The instructions operate on sensitive auth/config directories and perform image save/load and container run/remove actions; run them only with explicit operator oversight and on a trusted host. If you are not comfortable with this or need auditing, run the listed commands manually (or in a controlled test environment) rather than allowing automated execution. Verify the official image sources before pulling, and ensure backups are stored in a secure location off the production host.
