Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenClaw Claude Code Bailian Configuration

v1.0.0

Invokes the Claude Code CLI for code development, code review, bug fixing and automated tasks. Use this skill when the user needs: (1) code review and reviewing PRs, (2) refactoring and performance optimization, (3) writing tests, (4) automatic fixing of lint errors, (5) creating commits and PRs, (6) complex multi-file code changes, (7) to describe a programming task in natural language...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (high confidence)

Purpose & Capability
The skill's name and description say it calls the Claude Code CLI, but the registry metadata declares no required binaries or env vars. SKILL.md repeatedly expects the 'claude' binary, Anthropic credentials (ANTHROPIC_AUTH_TOKEN / ANTHROPIC_BASE_URL), Git and GitHub interactions, and ability to modify a %USERPROFILE%\.claude settings file. Those capabilities should have been declared; their absence is an incoherence.
Instruction Scope
Runtime instructions tell the agent to run installers, call 'claude' in PTY mode, read git diffs and project files, create commits/PRs, add MCP servers (which may include providing environment variables), and modify local config (.claude/agents, settings.json). Many of these actions access user files and credentials (or would require them) but the skill metadata does not declare that scope or those needs.
Install Mechanism
There is no formal install spec in the registry, but the SKILL.md recommends executing remote installers (e.g., 'irm https://claude.ai/install.ps1 | iex') and running npx commands for MCP servers. Piping remote PowerShell into iex is high risk (arbitrary remote code execution). These recommended install steps are unsafe unless the user verifies the source and integrity.
Credentials
The document references and shows examples using ANTHROPIC_AUTH_TOKEN, ANTHROPIC_BASE_URL, and passing env VAR=value to MCP servers, but the skill declares no required env vars or primary credential. It also instructs operations that commonly require GitHub tokens (creating PRs) without declaring that need. Requesting or handling such credentials is proportionate to the tool's purpose, but the omission in metadata is a red flag and could lead to surprising credential access.
Persistence & Privilege
always:false (good). However, the instructions expect the skill/agent to write or modify user configuration under %USERPROFILE%\.claude and to add MCP servers and agents (persistent config). This is legitimate for a CLI integration but should be explicit in metadata because it modifies user state and can store tokens or endpoints.
What to consider before installing or using this skill

- Metadata is missing: the skill uses the 'claude' CLI and Anthropic-style tokens but does not declare required binaries or env vars. Assume you'll need to provide an Anthropic API key and the 'claude' binary.
- Do NOT run remote PowerShell scripts you don't fully trust (the README suggests 'irm https://claude.ai/install.ps1 | iex'). Prefer verified installers (winget) or manual installation after inspecting the script.
- The skill instructs creating commits/PRs and adding MCP servers (which may require GitHub or other service tokens). Only provide those credentials if you trust the source and scope.
- The instructions modify %USERPROFILE%\.claude and .claude/agents; review those files after changes.
- Avoid using flags like --dangerously-skip-permissions and prefer --permission-mode plan when doing security-sensitive audits.
- If you want to proceed: (1) verify the claude installer URL and prefer official releases/winget, (2) run installs in a controlled environment first (VM/container), (3) only provide service tokens with least privilege, and (4) ask the skill author to update the registry metadata to declare required binaries and env vars so the skill's intent and privileges are explicit.

Tags: bailian, claude-code, latest, model-config, openclaw
