Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
onebot
v1.0.1
Send QQ private or group messages through the OneBot HTTP API using curl commands; supports text as well as special content such as images and files.
by @jqllxew
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name and description (OneBot message sending) align with the SKILL.md and _meta.json: both expect curl and describe constructing OneBot HTTP POSTs to /send_private_msg and /send_group_msg. No unrelated env vars, binaries, or config paths are requested.
Instruction Scope
Instructions are narrowly scoped to building OneBot-related curl commands and ask the agent to confirm host/port and message targets. This is coherent. Minor note: executing generated curl commands will send arbitrary message content (including user-supplied strings or file URLs) to whatever host the user supplies — verify hosts are trusted and avoid embedding sensitive local data in messages.
Install Mechanism
Instruction-only skill with no install spec or code files; lowest-risk delivery model. The SKILL.md and _meta.json consistently list curl as a dependency.
Credentials
The skill requests no environment variables, credentials, or config paths. That matches its function of constructing local HTTP calls to a OneBot endpoint and is proportionate.
Persistence & Privilege
always is false and the skill does not request elevated persistence or modify other skills. Model invocation is allowed (default) which is normal for user-invocable skills.
Assessment
This skill simply generates curl commands to call a OneBot HTTP API. Before installing or using it: (1) confirm you trust the OneBot server address you provide (don’t point it at unknown remote hosts), (2) be careful not to include secrets or local file paths you don't want transmitted in message content, (3) ensure curl is present on the agent host, and (4) require explicit confirmation before executing any generated command if you want to avoid automatic message sending.
Like a lobster shell, security has layers — review code before you run it.
